qa.aly2um.com Open in urlscan Pro
2606:4700:3030::6815:3954 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://powahtoys.com/
Effective URL:
https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
Submission: On September 08 via api (September 8th 2022, 1:02:44 pm UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 29 IPs in 7 countries across 25 domains to perform 122 HTTP transactions. The main IP is 2606:4700:3030::6815:3954, located in United States and belongs to CLOUDFLARENET, US. The main domain is qa.aly2um.com.
TLS certificate: Issued by E1 on July 31st 2022. Valid for: 3 months.

This is the only time qa.aly2um.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	122.128.105.117 122.128.105.117	133380 (LAYER-AS ...) (LAYER-AS Layerstack Limited)
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
16	2606:4700:303... 2606:4700:3030::6815:3954	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:800::200a	15169 (GOOGLE) (GOOGLE)
3 13	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4 6	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 2	52.17.188.115 52.17.188.115	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4 4	23.7.201.234 23.7.201.234	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	52.211.246.129 52.211.246.129	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:1e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f13:800... 2600:1f13:800:7782:ef30:5aef:8f46:e8d3	16509 (AMAZON-02) (AMAZON-02)
122	29

1 122.128.105.117 (Central, Hong Kong) 1 redirects

ASN133380 (LAYER-AS Layerstack Limited, HK)

powahtoys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3030::6815:3954 (United States)

ASN13335 (CLOUDFLARENET, US)

qa.aly2um.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:800::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.184.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.19.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.22 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.188.115 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-188-115.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.7.201.234 (Vienna, Austria) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.246.129 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-246-129.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:1e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f13:800:7782:ef30:5aef:8f46:e8d3 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	343 KB
23	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 303 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373	93 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	291 KB
16	aly2um.com qa.aly2um.com	112 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1021 static.adsafeprotected.com — Cisco Umbrella Rank: 791 dt.adsafeprotected.com — Cisco Umbrella Rank: 735	94 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 709	5 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	56 KB
5	google.com www.google.com — Cisco Umbrella Rank: 19 adservice.google.com — Cisco Umbrella Rank: 142 mts0.google.com — Cisco Umbrella Rank: 6622	53 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 3095	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 329	4 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 494	913 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 891	207 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 2282	485 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1531	925 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	88 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 5042	376 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 885	98 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5202	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 972	644 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	41 KB
1	ois.is ois.is	872 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4581	230 B
1	powahtoys.com 1 redirects powahtoys.com	250 B
122	25

	Domain	Requested by
20	s0.2mdn.net	ois.is s0.2mdn.net googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	qa.aly2um.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.gstatic.com s0.2mdn.net www.googletagservices.com
16	qa.aly2um.com	www.google.com qa.aly2um.com ois.is
13	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net qa.aly2um.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dt.adsafeprotected.com	googleads.g.doubleclick.net
4	e.dlx.addthis.com	4 redirects
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	ois.is googleads.g.doubleclick.net tpc.googlesyndication.com
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	ois.is
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	fw.adsafeprotected.com	1 redirects ois.is
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	pixel.everesttech.net	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	mts0.google.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	qa.aly2um.com
1	ois.is
1	bit.ly	1 redirects
1	powahtoys.com	1 redirects
122	34

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.ois.is E1	`2022-08-31` - `2022-11-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.aly2um.com E1	`2022-07-31` - `2022-10-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
Frame ID: 07958E2E048BFC44DA3DB399BA49605E
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html
Frame ID: FD29325637F273EC274087224F684D13
Requests: 1 HTTP requests in this frame

Frame: https://qa.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7477e132e9ee9b69
Frame ID: 439259EB88685F9234BB7EF88E006D40
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&adk=1812271804&adf=3025194257&lmt=1662642159&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159536&bpp=4&bdt=142&idt=237&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1573041347052&frm=20&pv=2&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: DC74965CCD8A9D0E34543AADEA41DC2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1662642159&psa=0&format=320x640&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159540&bpp=2&bdt=146&idt=256&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KilZxgq3HN&p=https%3A//qa.aly2um.com&dtd=261
Frame ID: 05367F82C132C035EC8DD3547FB739A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=2125970011&adf=1528403788&pi=t.ma~as.4620684285&w=748&fwrn=4&fwrnh=100&lmt=1662642160&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159542&bpp=2&bdt=149&idt=593&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gOez3t620N&p=https%3A//qa.aly2um.com&dtd=596
Frame ID: 08A2F8E29514B1499BFA04A10CD92853
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
Frame ID: E6CBF7F631CA58D4D02A33C974630D82
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY0-aZyAEwAQ&v=APEucNWbJsz22ZUlG-AHt38Aj1Q7MhvMV7m5Wo4dP0lTVgIEmmBhTESIPJR8dcXvawPPlQLCbcFrLq2cIbZE2g2i6P2S6RSpB9ciW3aRf6lhOatswj0IVXHzgOlprkFb_yjWW1i7UE5tWN7TtK4Q_Kuf55Zk8IuJfjMMmv8gy317IqcvpKFY3qI
Frame ID: 6AD933040CB250EA64CCEB6F06B3E38A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C62BCC7FCD587748AEFFE5B36CC7443A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 53C8D87FC257AE494E96A6E93F48E5C0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D23464B611E8681FC67224D6667E4589
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
Frame ID: F899A338F6635565667667723A7DF013
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: 76D4A5F96AA4C565E91EAC3AC1E7513C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: C0BF34ECCA0A52B096B27B47839EF819
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Frame ID: 413E9E1FF046F456361EB5F753F8FFC7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B21E75A1BC6BD7A8E77D4BFF8C7950C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FBD717F6BB1B4A3FF617D19198299F39
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Learn 5 important and useful information about pets - Questions Aly2um

Page URL History Show full URLs

http://powahtoys.com/ HTTP 302
https://bit.ly/3AAXYh6 HTTP 301
https://ois.is/rr/page-1.php Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjK1N_Slff5... Page URL
https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

90 %
HTTPS

58 %
IPv6

25
Domains

34
Subdomains

29
IPs

7
Countries

1198 kB
Transfer

2916 kB
Size

28
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://powahtoys.com/ HTTP 302
https://bit.ly/3AAXYh6 HTTP 301
https://ois.is/rr/page-1.php Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjK1N_Slff5AhXY_7sIHR1-CcQQFnoECAIQAQ&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&usg=AOvVaw0CQ1qMTVN7MPuAo64zOnWj Page URL
https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://powahtoys.com/ HTTP 302
https://bit.ly/3AAXYh6 HTTP 301
https://ois.is/rr/page-1.php

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhnlOdzJq3ScAXTDwz6ex8&google_cver=1

Request Chain 48

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yxnn8czJp5dqOzAziuVRXQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhnlOdzJq3ScAXTDwz6ex8&google_cver=1

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECSsGCGIBGvEB-jdLjm7LSw&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECSsGCGIBGvEB-jdLjm7LSw%26google_cver%3D1

Request Chain 50

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNzU2NzU2NzEzOTc0MDYxOA%3D%3D

Request Chain 66

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Dk3QIU4RNaWzVocezai-XIQEsgUDWGv0_KuyUViyPnel26Ivl55aOOVASwCgeswljnfDyzy6p_vAFNBLR65mF6V5PmU2Qs&google_gid=CAESEAQmMV-pR4k0cuAkPsdnJ5A&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Dk3QIU4RNaWzVocezai-XIQEsgUDWGv0_KuyUViyPnel26Ivl55aOOVASwCgeswljnfDyzy6p_vAFNBLR65mF6V5PmU2Qs&google_gid=CAESEAQmMV-pR4k0cuAkPsdnJ5A&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MDgxMzAyNDIwMDA2MTk4MTkwMTQ4NA%3D%3D&google_push=AehlK4Dk3QIU4RNaWzVocezai-XIQEsgUDWGv0_KuyUViyPnel26Ivl55aOOVASwCgeswljnfDyzy6p_vAFNBLR65mF6V5PmU2Qs

Request Chain 69

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHX8C8WQvtaJRBLeAvGF-5A&google_cver=1&google_push=AehlK4CHfk6WeRiyPzFOYOYnKydyXivkNeGL0nXqDovKV384a5tAbLMxbcbvdI1KnNMEEVTnsbPLdgW5nc3wfOlPhUVMCMc0wvRZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdUMjdROTgtUS1BMTlF&google_push=AehlK4CHfk6WeRiyPzFOYOYnKydyXivkNeGL0nXqDovKV384a5tAbLMxbcbvdI1KnNMEEVTnsbPLdgW5nc3wfOlPhUVMCMc0wvRZ

Request Chain 70

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE8ksRc7n7MNZytIyw7e7uY&google_cver=1&google_push=AehlK4BsH_Hy504XBOP-DRx8LRMulIyIqH4iM6U1CADc_5CT2Q7n7XYgUyI07JBiHIUMXK0zTJo_nqMHiqhaR2Er3w_VAbajuoDA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE8ksRc7n7MNZytIyw7e7uY&google_hm=Yxnn8czJp5dqOzAziuVRXQAAFBIAAAAB&google_nid=index&google_push=AehlK4BsH_Hy504XBOP-DRx8LRMulIyIqH4iM6U1CADc_5CT2Q7n7XYgUyI07JBiHIUMXK0zTJo_nqMHiqhaR2Er3w_VAbajuoDA

Request Chain 77

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4CP_p8fjnonXSdrrvsS8OhjuQewf2zpTSvOY0qNE-YWxGn-WqAXxVbKNvyjJ5WlOATfr-snqkLErl8jescjOfZCZcQavJfd&google_gid=CAESEOBxH4F1R0_ZWOAImuI7dbE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXhubjhRQUFCV0xmWEJvVQ&google_push=AehlK4CP_p8fjnonXSdrrvsS8OhjuQewf2zpTSvOY0qNE-YWxGn-WqAXxVbKNvyjJ5WlOATfr-snqkLErl8jescjOfZCZcQavJfd

Request Chain 78

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DCbOdUyJ2wnbgPZSnRc4NG5lWHwT_2dAtbk-x9oC-EIFXxfkh0lbLT0MATlNIHgkwAuDuG_-caTtJbXtefTDJRILvSXCDH&google_gid=CAESEJaMpixqLra15L5lzG8uoPg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DCbOdUyJ2wnbgPZSnRc4NG5lWHwT_2dAtbk-x9oC-EIFXxfkh0lbLT0MATlNIHgkwAuDuG_-caTtJbXtefTDJRILvSXCDH&google_gid=CAESEJaMpixqLra15L5lzG8uoPg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MDgxMzAyNDIwMDA4MDM5NDk1NjA4NA%3D%3D&google_push=AehlK4DCbOdUyJ2wnbgPZSnRc4NG5lWHwT_2dAtbk-x9oC-EIFXxfkh0lbLT0MATlNIHgkwAuDuG_-caTtJbXtefTDJRILvSXCDH

Request Chain 81

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG8jCXCsNEB7y5gJo18i6Sg&google_cver=1&google_push=AehlK4D8L1XoM183o7qd3QGlqCHu5Rg6T5ibUGzu8yWmmazDpGxhVk2zymGVikCVRydAMVJtAls5hu0TpkIKuUH_FENP3LuoiTs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdUMjdROU8tSi1GNElU&google_push=AehlK4D8L1XoM183o7qd3QGlqCHu5Rg6T5ibUGzu8yWmmazDpGxhVk2zymGVikCVRydAMVJtAls5hu0TpkIKuUH_FENP3LuoiTs

Request Chain 82

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEePYS8dvYCMwbVk4MzVj2s&google_cver=1&google_push=AehlK4BHX5oWv3hlTozsYTEa8x16mLlEFm_xe8bSvkbKnsqaVCPEtah1vLLYTY7y-QyNn7vcQEXWUufnon5QA7JQWEXT2AUXcIua HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEePYS8dvYCMwbVk4MzVj2s&google_hm=Yxnn8czJp5dqOzAziuVRXQAAFBIAAAAB&google_nid=index&google_push=AehlK4BHX5oWv3hlTozsYTEa8x16mLlEFm_xe8bSvkbKnsqaVCPEtah1vLLYTY7y-QyNn7vcQEXWUufnon5QA7JQWEXT2AUXcIua

Request Chain 97

https://fw.adsafeprotected.com/rfw/st/886862/62195779/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_8ecZY-DoBdqy3gOWopnYDA&cbFunctionName=goog_wrapCb_8ecZY-DoBdqy3gOWopnYDA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fqa.aly2um.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8128055623790566%26output%3Dhtml%26h%3D600%26slotname%3D3796409979%26adk%3D491331604%26adf%3D318908456%26pi%3Dt.ma~as.3796409979%26w%3D300%26lmt%3D1662642160%26psa%3D0%26format%3D300x600%26url%3Dhttps%253A%252F%252Fqa.aly2um.com%252F9991%252Flearn-5-important-and-useful-information-about-pets%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1662642159544%26bpp%3D1%26bdt%3D151%26idt%3D605%26shv%3Dr20220901%26mjsv%3Dm202209060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C320x640%252C748x280%26nras%3D1%26correlator%3D1573041347052%26frm%3D20%26pv%3D1%26ga_vid%3D1215402833.1662642160%26ga_sid%3D1662642160%26ga_hid%3D1594853769%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D318%26ady%3D3966%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C31069396%26oid%3D2%26pvsid%3D2663326108875024%26tmod%3D230140013%26uas%3D0%26nvt%3D1%26ref%3Dhttps%253A%252F%252Fwww.google.com%252F%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257Co%257CeEbr%257C%26abl%3DNS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26xpc%3DayEwhCr2yR%26p%3Dhttps%253A%2F%2Fqa.aly2um.com%26dtd%3D608&adsafe_type=d&adsafe_jsinfo=,id:58cf3b2e-4945-c340-8657-f142e69165d8,c:nCYryk,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-585d8b8594-82cbz,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tgQB4kc+11%7C12%7C13%7C14%7C151%7C152%7C16*.886862-62195779%7C161%7C162%7C1631%7C164,idMap:16*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:17,oid:85aa4b9f-2f76-11ed-9698-befb5ccb2ca7,v:19.8.347,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

122 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

page-1.php
ois.is/rr/
Redirect Chain

http://powahtoys.com/
https://bit.ly/3AAXYh6
https://ois.is/rr/page-1.php

520 B
872 B

76ms
36ms

Document
text/html

2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ois.is/rr/page-1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7477e131cc679c10-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 08 Sep 2022 13:02:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLMGWdcfBunZeq1Htz4AsQHkfxhsRc22z77pvzknGKDvtbr9%2FcGXt%2FcaTJlLT5XFSxV%2BI%2B4AFRfXCEWBqC1mB%2BydOYtH3pRVBy8etTRvOLYa6vKgPzZe7WNc9y6SUkkCX5mMXWs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 115
content-type: text/html; charset=utf-8
date: Thu, 08 Sep 2022 13:02:38 GMT
location: https://ois.is/rr/page-1.php
server: nginx
via: 1.1 google

GET
H2 200 url
www.google.com/ 1 KB
1 KB 56ms
31ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjK1N_Slff5AhXY_7sIHR1-CcQQFnoECAIQAQ&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&usg=AOvVaw0CQ1qMTVN7MPuAo64zOnWj

Requested by

Host: ois.is
URL: https://ois.is/rr/page-1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://ois.is/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 495
content-type: text/html; charset=UTF-8
date: Thu, 08 Sep 2022 13:02:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request learn-5-important-and-useful-information-about-pets Show response
qa.aly2um.com/9991/ 42 KB
11 KB 889ms
850ms Document
text/html 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjK1N_Slff5AhXY_7sIHR1-CcQQFnoECAIQAQ&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&usg=AOvVaw0CQ1qMTVN7MPuAo64zOnWj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e1982854b798d9fd7eee3bfb6100889d0cef4befe64d4a8d1a6f42e3c2e216

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7477e132e9ee9b69-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 08 Sep 2022 13:02:39 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98tE%2FgeHQrPifqLa4cJrSlBt04nq5i9pmRY10hS%2FuMVN1aWM%2BVnq48Cwli1ckjhNaCY7Zl9Eh29YpFx0Zt%2B4olC%2BxcN1A9QNBeQ5S6MDavFx4FEZQ5KTnncGObJ%2BiMdv3wONM7o0fwOrBs6x"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
qa.aly2um.com/qa-theme/SnowFlat/ 56 KB
11 KB 19ms
17ms Stylesheet
text/css 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Apr 2021 23:34:58 GMT
server: cloudflare
age: 1910
cf-polished: origSize=71322
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByTYsway7V%2FGNgb%2FB0pboxJli8SNTkglBQYLveZZnvJs9JKL6wAjjLlpsv0GHHc1mhyGMuMI7krX8%2FbMlf68xlke3C6UYrUoEHU%2FDFoRGaGk2z%2BcKsCLCGdXfX%2FXMVqYzpNylT27%2BU30gwXf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7477e1383ba49b69-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 jquery-3.5.1.min.js Show response
qa.aly2um.com/qa-content/ 87 KB
31 KB 20ms
19ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.aly2um.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Apr 2021 23:34:56 GMT
server: cloudflare
age: 3173
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA7A2JATcQdldz6PAeROdpgD9NZp5U1wOUbkc40y0pZ5b8MJDdpBaD4e8AeaJlYTibaNzECt0zCJ0pyhjJakM76z0xAJMvVu1luV8SLb%2F392rVeJygku6upJR4OW2Yxb65ys%2Fwz1JvYy6nKi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7477e1383ba79b69-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qa-global.js Show response
qa.aly2um.com/qa-content/ 15 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.aly2um.com/qa-content/qa-global.js?1.8.6
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Apr 2021 23:34:56 GMT
server: cloudflare
age: 3173
cf-polished: origSize=20550
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjnPNlZKGC0kDidBpRXsoYtfT7g%2Fe8ETtnRZnf0cP7vnkEK7bYZhbHOwl2%2Fbmc%2BqXhqKV9FTblw4mX2mVhSl2v7isQLNIMrvqlgv1sc2C2OkdRe%2FzGE30Wxk3x3noAGcMXdtB3oNJFl3JW8R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7477e1383ba99b69-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 snow-core.js Show response
qa.aly2um.com/qa-theme/SnowFlat/js/ 1 KB
722 B 22ms
21ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.aly2um.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 20 Apr 2021 23:34:58 GMT
server: cloudflare
age: 2833
cf-polished: origSize=2383
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfciK%2FCpaPLoPJAF99cPFbEnqOOwVxp8L2pyTWO5mS%2F5dXjggPjArKxCndcqsMsU%2FzVnseQMORclCMR4LCnhHUT5xGVweY0UaCMliHu%2F1gzgl0FmbCILo1TyeM6MexlZ6v3XuYdiE%2F2%2B8lbv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7477e1383bac9b69-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
57 KB 83ms
60ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Requested by

Host: qa.aly2um.com
URL: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5274190adf363a0500f3b127838936373d5fbd4c717d60c58d974318d1acc2bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.aly2um.com/
Origin: https://qa.aly2um.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57434
x-xss-protection: 0
server: cafe
etag: 15033034893881702501
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 13:02:39 GMT

GET
H3 200 vote-buttons-3.png
qa.aly2um.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 16ms
16ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.aly2um.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
cf-cache-status: HIT
last-modified: Sat, 01 Aug 2020 00:22:10 GMT
server: cloudflare
age: 914
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2YQaoWXnLlEhHrXtEeUvCLbpVYWcrIs06NSTihoqWUjLmxMfdcSrGTK3EQ563s2poiSfa7U1ZPH%2BzixzYytm6RYYIN70UpvtaITg6XqlyIWyc193UQ2silBPY43V%2FXx1Xe%2Bd%2Fgd6ug68A4w"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7477e138794b915e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1457

GET
H3 200 fontello.woff
qa.aly2um.com/qa-theme/SnowFlat/fonts/ 7 KB
7 KB 18ms
18ms Font
font/woff 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.aly2um.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://qa.aly2um.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2016 03:01:58 GMT
server: cloudflare
age: 1642
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVRi0CUeLqLaXF8QnhHJ9vxexTpTDHRzAvvdeko9VITucpl2Cu8ZHWYvKj8XOSPL%2FSp5Ky%2F0Hp1aknqsXBWqtgRWLB3IqhTuLR5qfInZThcwj10%2B1tbcCV11u%2FvdCR4I0Gzo4j7jOmDEKKUR"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7477e138794c915e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7200

GET
H3 200 answer-white.png
qa.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 15ms
15ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.aly2um.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
server: cloudflare
age: 1769
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hFjfJ0RCh%2FMadGifccXlef9Ii3XEFwrusLwFA5sR%2BT7b34dVvg4Ltm84khRJsP4Wqh6w55AepjSSpxsTdV%2FKy%2FdXJ4VmJTOup%2B6oeGItVbTz8tbAXW6AZwkt5QvPtAVsG3tpDn%2BOPESDW52"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7477e138fa38915e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2867

GET
H3 200 answer-select.png
qa.aly2um.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 16ms
15ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.aly2um.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
server: cloudflare
age: 1769
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4xZDNk9mqdtO16gXK2pgCVHkbfeNYITomBUJECeRywV9Bn5NUHFTpkwvKmjnoGlRrGFHkkbt%2BkMwmuNjm3ivaxy9vm7iSoY3n0XkwwxPiwRkW8y5KhuiDKpDfkvRi99sUK1DXIbT4tBpAXc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7477e138fa3a915e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1831

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/ 345 KB
121 KB 84ms
68ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8128055623790566&plah=qa.aly2um.com&bust=31069396

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29e95cc356a091a7843c1a459efa0ebbfa5256601adf4d5396a3df030f13f6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124232
x-xss-protection: 0
server: cafe
etag: 1536877374559932320
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 13:02:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/ Frame FD29 10 KB
5 KB 32ms
8ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220901/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 10:11:46 GMT
etag: 8616628553774171045
expires: Thu, 22 Sep 2022 10:11:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 link-white.png
qa.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 14ms
14ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.aly2um.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
server: cloudflare
age: 1769
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Ba7XyFWxzZw48CYUB1Kl%2BwG5v%2B5zSp%2FrEFA52jQOaMznp4pZiI9fEWQ76vM5HId%2F000wPKsfo0dcIVY5a2ZVHrjiya7ptPhsQD9y%2Bdi06zM%2Fm503rlzypB%2BagrkorNf39uIYTDBWQsJFQRz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7477e139ab6f915e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3026

GET
H3 200 comment-white.png
qa.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 25ms
24ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.aly2um.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
server: cloudflare
age: 2185
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KY%2BTtIsq2Eg386t3Ps8GcfsMR0FbgXIItn%2BRNNfCVqfuYg8RcxPuoiHHFuNhEDD%2F2ZL2jZjDBaisZynapsBZzAQ1%2FPXgY%2BB%2Fl7WnBhvG2iLOrhca3o9deNY4Rs4woBS1G5D%2B2OA34qtZExT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7477e139ab74915e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906

GET
H3 200 search-icon-white.png
qa.aly2um.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 20ms
18ms Image
image/png 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.aly2um.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
server: cloudflare
age: 5849
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDiJkFGaZfmM27hGp5T9ZFmk7Kq%2Fv0qp2oLCHw17Ql4eLpkTN1nZsucWXeBilcWhowh9uLTSsxgVYzAYOTItJzcep6c970oDcYgbmYyW8Aj%2BRLhHzaIYCq2LsCqwEhrpA6nBWmXK%2FueSr0m3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7477e139ab76915e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1412

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 47ms
24ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Requested by

Host: qa.aly2um.com
URL: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6eeaa5674c18d7848c4d9957dafc977af013b9633a624f3b14112047c73bce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41871
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Sep 2022 13:02:39 GMT

GET
H3 200 spinner-icon-14x14.gif
qa.aly2um.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 16ms
15ms Image
image/gif 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.aly2um.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Jan 2019 00:38:24 GMT
server: cloudflare
age: 1769
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8Cf%2BODkBenWwrUSkLUjkYihmkSJ1OG%2FWpywIhHtiw6NKD%2F7Fm13IbHVCB4RlnmetlYlYNEnmcHpDIDLKKulIvmHiSufWYpYcFwp0qWrTz7gyyQtEe%2FWcaPakPjxuR1iLaU65SoU5Q57F1yB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7477e139bb93915e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781

GET
H3 200 invisible.js Show response
qa.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/cb/ Frame 4392 39 KB
14 KB 13ms
13ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7477e132e9ee9b69
Requested by: Host: ois.is
URL: https://ois.is/rr/page-1.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f7c46aab0f042d4e5ca4a2be0ceb31b12c3670dda99d41d57e789fcb028963d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FLdkXXCcV0sv%2B%2BcEHbfk1v8XiU99mVMmDSaZjKVI3JQo38tyIkCf%2BGUPrZ3qem0NU5e0IN9Ukz6si0prKlEmc2eZsDNFAQ9NJQ0eWgIhzQqoLw3B3HS%2FkM%2B3vPVWIYgYVRwFPFKAPTobLKm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7477e139bb97915e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
qa.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 4392 21 KB
8 KB 12ms
12ms Other
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69886818ed38cb023e049fe78461dbf8f38b87784498d6ffb87b8933932e5907

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab4oYfR5fy3JKkqo8UkqObWRCh6jHBK5qHyFPt7PEIaXpDtSPx4MxPHjIptnJIbpqJ1FKBuIssIuP8t3VruGLGzkYaqvOEvvcWJNoNZ8%2FZJLxyuytw4EFO%2BBZSRcRts%2BvcYIUmuFJlU2ed3g"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7477e139ebd6915e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 39
date: Thu, 08 Sep 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 08 Sep 2022 15:02:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 44ms
16ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1594853769&t=pageview&_s=1&dl=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Learn%205%20important%20and%20useful%20information%20about%20pets%20-%20Questions%20Aly2um&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=292783674&gjid=238040704&cid=1215402833.1662642160&tid=UA-237003713-1&_gid=1403626847.1662642160&_r=1&gtm=2ou8v0&z=584835559

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://qa.aly2um.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qa.aly2um.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 41ms
17ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.aly2um.com&callback=_gfp_s_&client=ca-pub-8128055623790566

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8128055623790566&plah=qa.aly2um.com&bust=31069396

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

277261cce4cf3ecea81b535dab0f81d27a9df3f8c02170f49237e3437fe76765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 57ms
19ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=qa.aly2um.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 57ms
18ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.aly2um.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Sep 2022 13:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC74 0
19 B 77ms
60ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&adk=1812271804&adf=3025194257&lmt=1662642159&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159536&bpp=4&bdt=142&idt=237&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1573041347052&frm=20&pv=2&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=253

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 13:02:39 GMT
expires: Thu, 08 Sep 2022 13:02:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0536 430 B
232 B 628ms
623ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1662642159&psa=0&format=320x640&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159540&bpp=2&bdt=146&idt=256&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=KilZxgq3HN&p=https%3A//qa.aly2um.com&dtd=261

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5474df3e5c7c308555d215a3678fd756ced7ceded39063c36587f529955695e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 13:02:40 GMT
expires: Thu, 08 Sep 2022 13:02:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 7477e132e9ee9b69 Show response
qa.aly2um.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 4392 2 B
654 B 34ms
33ms XHR
text/plain 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.aly2um.com/cdn-cgi/challenge-platform/h/b/cv/result/7477e132e9ee9b69
Requested by: Host: qa.aly2um.com
URL: https://qa.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/cb/invisible.js?cb=7477e132e9ee9b69
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Sep 2022 13:02:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ojFkUR%2FF6lXdT%2B%2FzwXemjKbmfvShVMKX20m2vcheoRgJMbGX%2FHTj9NeFMyDmH2tG80pDE4Eunlxf7nzA%2Bb1Jgi7rOG6Vp3GgdFDvKb0ZPVRPS79h%2BhMZ5ev%2FMTf5Reowypkks7rubgYAeDo"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7477e13cd9e1915e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 08A2 121 KB
38 KB 956ms
956ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=2125970011&adf=1528403788&pi=t.ma~as.4620684285&w=748&fwrn=4&fwrnh=100&lmt=1662642160&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159542&bpp=2&bdt=149&idt=593&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gOez3t620N&p=https%3A//qa.aly2um.com&dtd=596

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38435f666054cc73e68ed24f7c1d0582533c58beb3daeac9c2353b9e3b70bb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 38972
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 13:02:41 GMT
expires: Thu, 08 Sep 2022 13:02:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E6CB 18 KB
10 KB 909ms
908ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e508d201accb5600e414e6e700aa56eb05d8c572a82f708cfc156834caa442e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10021
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 13:02:41 GMT
expires: Thu, 08 Sep 2022 13:02:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E6CB 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dq6CsodX1wuqFRc5ZUaTEtAJxqeVGOcNEoGprD4IhyxfzQcDlLnUza7J8Qq5CsPD1c_V-aR7h4sSRZkviARZr6Su3hhMwjEGpVJfZNn47Ze2dvZ_o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame E6CB 3 KB
1 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:57:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 12:57:56 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame E6CB 17 KB
8 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 12:59:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E6CB 0
0 35ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNUYIChFqFE3SIfNRg680wYIusbiVIOWIRYpzCy3pgpFVpq2sGSY_VgramuWYp7zQzLzQpJBhYK1B08shxhnr88hwZhQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6CB 141 KB
44 KB 66ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 13:02:41 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6AD9 624 B
297 B 46ms
46ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY0-aZyAEwAQ&v=APEucNWbJsz22ZUlG-AHt38Aj1Q7MhvMV7m5Wo4dP0lTVgIEmmBhTESIPJR8dcXvawPPlQLCbcFrLq2cIbZE2g2i6P2S6RSpB9ciW3aRf6lhOatswj0IVXHzgOlprkFb_yjWW1i7UE5tWN7TtK4Q_Kuf55Zk8IuJfjMMmv8gy317IqcvpKFY3qI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 13:02:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E6CB 100 KB
37 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AECpN8zFkuJRarMCFxjnv_EczF10rSwM23lIxoEvBk30sfXSalW_Q8exHft-FOX1LnoWNGFm1hba9ql0UgqdRbKRYBYSpCEAX5a2ywHiZrruSOVieSsGGbNxydn56ucjwjRXZ7JqvJiwotreUYLzJ9S1xzBg&dbm_d=AKAmf-AwqrKiqKKtf_w7MVkiuHA7u96f_MA8rInPGZXmLvCgH0Nhdo3AgxVZvkuAaiABYV5PjlJ9-H0eY2uqcpZRdhpWklGtCkTu5CFv5Z1qH8IzFPiS4Yvpaf2RNs8vmMBOyHJSKxCnB_MQUW1arak_UF5eyTMmXhQbmzgzsrs8bg11OLSbsSUFlXZdG3iboPAhOl5ty6YkSu5hlB08nj2xjhOAOTZ_4Bor-3h5oWRv0kkU7HbzoQ6nDnxmYNMOgc5iof3evdEg6aUcbBzKlJM3XzIxeFRXsPpC_JbjCcCNnI0WHhe8hYQGMAamKRm1SJM1KfWahXrfa1B90fnGAKtk_HIJkoZ9rgLcZfw9LD2JCBXbnbdQ17qXtzC_4PzWfrXqIGuGQ33TqdRsgskqXg2wd7WtQibpnenzLgZ1EDs5CaCCLWnwq-EucBxbV2aJ7k5kvMy--b8rlWdGV4XRsdIb6MWr5Ck3Z_6f24I-lJCTTNDi5RpTcJv6kal5WNH1cUkoSYbZbCnoIlgFUPkQqWuWrj-SpL_eLHTlxMlHva_SudF6sMDab8nYG9XaDMcfEcE61a6syonR2sJ3v4Lwyd7sCSem_2c_ykYTFD5E-1c1jgXAlADciQHqf386m9EDLmviywCY8H83u6ymk5WO1eRbFgmgBGM9LCNoC1KcfOZtBZ_lz-CsT55wJiUPI2YPZArPS1dKdmthyJY1Wanoc61g8tY3siEdUgLbCmROLgkRJ2kxwFl9fcRiDnE2V_omNiu-aGKpRWc_GjJp4kTZkjtljAG6ElFuBfrbb28Jc455TI9X9SHv7Zj8GQ5BYKkL-lep2HXHyJRTR3WpxU4XsaJt-Rk28VzA-1AKyAm9-UY_qn_DQoKRvlhv27ngFp02jRM_wfQTq6iuj819BW35aqoEaXcGoAAfTRcKL64AeqMSuY7FXfVeZWOkZ8LVdpzodFKE1tv2pblrZQhqPWBhf3RNcewkPH2ntADYn8uzByG-XvLzimqObXseEvAVb0fKSISzU-QUA7hH49ui2u9iM1_bOXPt7mzRYcK7DKvyYbT3RZkSZD-xArrcZBRXEIudf_l16lMhV2t1W7vvyUvgUQZ3u_IiKSLNQnpWVPbybokeTSVrxmUiOw06OOvl-S6x8SwiK1Ws-edqM3ZB2aOGVTU_ixhXdz_N9Odra_hagwTAVwoCfxGKSt4SdR51bvxrxeaebYxPB-OK1FH9QB614Y-48OJWjOqlS66DAzjo2494AdlpsWCv-oJYK8KKHwTLCcMedBTteFNik7S-UTv6qlzmsG2tv1tqc_-CbhYnX8fJDY0KD6gor1VDhRXnYK8saADXYq6uYLxBDwb2RxHz7359kd62fYkJh7FYNYhgr84Eb6medSFeubKpJp3tLofaCiVRaxvZupRDrg1uA1Oteak5val4mSGBzJo0Ij-pWc1rCafi_SPeWfjSNlh2__QR-80wKqMBh0LflkOfOC9X27wDei7Qg1lYBLxk6Pd53DgC9uYVXeKkCXXn2cRU5j5gjyPovJNcttcCVM71wL_30GIB4RLRtDaDF8ZqIyH-FxmF6TSowFH45t9UD39LYb1ot1-LBb-b2wG7TL8IScGkNFUl7yAunextBicd_-1iiXvxtswHgQZMjeHJ1j53kVqaGBE45keBQ3su7WiLkircgUn4k7tZTvwuGc0D3-o9R39Dh4C5sRHLGh27gzH06aBwNwcJDgR49RztQecVDX159Hu_hu7k_IfPU8GiAQRiGhVUXSV8yV6ueqaUhBHzkUcB48iIUlIxnVodcsZmjOq3hlj0rXOjo4pxQIDO-9SeU6eURffl2SM65TaCrRlPYsHuTqMG0gVombkg8xrVNlgrURCRyVkk-W2_v5_RdEsjfaOokXz4CxzF-hIUXd0rS69mfjeDDjPZx3--Q7cPljSWwq5qMKHeQ12rOtxeKV322JmxirOoG4vc15g3SzO3VnXU8QoJ4lsEOjkGTxLkm1z92Cmr68oyFOXKLKoOIZNkci55AoeNXtxR110qhipiiRC5VksSEiFrBLEcJw4QmhDSBvbn19jm6C1q1vMg2gZxs2iCTe3strtLrDRZyXBvcxlUncXyqBiHFIvkp1ciyUe2_JNH7VdUP-mUTLwCJI-EfJZsJyOB9EIR8D75Uj96SJftxTF0Q14cLqDUY3g7gnNegm6vSGMEsJ7Ag3iLz9AEno_ZPFCGsu42GPDht7n_qk70WflgwUqUlvD785b6-ZHrEKgwhUFhtHGFINNvTJhqvtjYAh5I59f-vkKdxBBk3MAaN-E3ETKaIx5LjkMJdUIaeAYybs6R_2u7XuPCDIyqQf-p8sIOpSPyd_rZ96kGrfTapl7IVFo9Y8VZfINjLaZrS08Ll3O4EARzpp7f8FWxe9MKofJaqb-US7VJIj-kUonbvct5-RiLtELfieuPUlflT39M_izUxbcHV4sxhmo60wRpUT_zpRksWMdUTk4_lcRrO6rlti8NZ6OyXUyBG6pT21N7OCeUNfuAMpoOUUEHlHYugdFiahkr8t5dmxf41TxL-e-fDpt0zUhrQ7dR6h-vnMKpRVVsWryhfUKtUhxl22hC_adE1bPrY4JWyHeqzfsYfLWAqBRslYmDJRJ9NI1nfPJdsUScVIwqFJTwOdnFgGnKlbaka5pF9A81xNQXezuS_aFq9TtlwtpRZ77tXMX1Hg2GdGAG-fFG-SOBuBSY9fykUFzMvTJ0dho_pxSc5nNR2R7HHavymX-j8vYiTah1zSrGPgsRj0LcYoy7UXm8nLz-HCy56JDCBTNNFszjyPNRwDS7Dny4ZoVz6GhBU6dZJ-sbComeEaXAFyVwDz_3uSCSFXj4TgHjiiPX6kl8v5MOWnOUFnPSqyGdIZTDR0io8h-0yT2dITbsLiib1O-04tvHDn3-m-sA3D-veiFryTEwEiTzcJNFt5c5rgJZFA8vA7OtYKA5uQGTYAUd0cBJ0-E3OFirtHLhiNdDqtPD4_H_XJt9Mhf2TULf8M7uzQXcCI_vvIalHRz_ZX3Bnnfei9pyX7TDUivnMR-3zyfptzDnPBvhCp3thwzSly-wVkKOHFPcBScX91Hrgl_L5vTaCOjZxnZkvFH1LtP9Zg36gviEE_kvfHjwbXMOHznmPY9RxYGvVPBzZgU0kYwauOH-MCV0yBW4J7144ZeE2v0TgYc3VSvks8K-ydqs7hh9Fg97UV7oRbeIUPohAx0_KrDjH_68KPMY3oHb4KA1AJo0DYDyHLHeSOCZCv0SD7XL2DUbxrBrkgIl_9DPPsGIoLi9hMPLUtPK-0lZfBbVI6o66xXwEIbQLOOBRqERf1O5Jh2bWsgDc6jzzR5kLOW9itpW58FHbO2Ue2adpHg&cid=CAASEuRo1Vd7coS5aUiGWKkH1IMZ_A&rfl=1%2Chttps%253A%252F%252Fqa.aly2um.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adf3df81d4eee382cd842b483a71d4b87c94eca18449341fdeda719346aba1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37679
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 d9c3feb5dbeb38b81847ec1386e6162f.js Show response
www.gstatic.com/mysidia/ Frame 08A2 10 KB
5 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d9c3feb5dbeb38b81847ec1386e6162f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=2125970011&adf=1528403788&pi=t.ma~as.4620684285&w=748&fwrn=4&fwrnh=100&lmt=1662642160&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159542&bpp=2&bdt=149&idt=593&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gOez3t620N&p=https%3A//qa.aly2um.com&dtd=596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5cd3351a343011cbc0046d12c2b8bc8d7a968a09009ddb117fb1dc49fd1333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:19:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4500
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 00:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 08:19:39 GMT

GET
H2 200 06063cd58e45168da559108c95181079.js Show response
www.gstatic.com/mysidia/ Frame 08A2 19 KB
8 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/06063cd58e45168da559108c95181079.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

436075fc0dda8a11aac078f6e27aedde578c04ea9a9dd02134a1a2d00343018b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 02:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38396
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7726
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 00:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 02:22:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 08A2 8 KB
1 KB 62ms
25ms Stylesheet
text/css 2a00:1450:400e:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 12:03:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 08 Sep 2022 13:02:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Sep 2022 13:02:41 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 08A2 2 KB
902 B 14ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 12:48:48 GMT

GET
H2 200 a44a0b8f447061e92ca19622c4392a02.js Show response
www.gstatic.com/mysidia/ Frame 08A2 6 KB
2 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a44a0b8f447061e92ca19622c4392a02.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 16:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2233
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 00:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 16:55:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame 08A2 23 KB
9 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d3f0c278eba7ca4904ef08e954e5d21231a363ddf14d74592de748ec54aa299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:01:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9663
x-xss-protection: 0
server: cafe
etag: 5256006603266553849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 13:01:51 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 08A2 3 KB
1 KB 15ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:57:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 12:57:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/ Frame 08A2 17 KB
7 KB 35ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220901/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:59:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7602
x-xss-protection: 0
server: cafe
etag: 8484125879011292595
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 12:59:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08A2 141 KB
44 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 13:02:41 GMT

GET
H3 200 8e474446b56ed6ef0feeec2d987f1a60.js Show response
www.gstatic.com/mysidia/ Frame 08A2 33 KB
13 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8e474446b56ed6ef0feeec2d987f1a60.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 08:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 00:50:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 08:19:42 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6AD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhnlOdzJq3ScAXTDwz6ex8&google_cver=1

43 B
876 B

50ms
38ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhnlOdzJq3ScAXTDwz6ex8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY0-aZyAEwAQ&v=APEucNWbJsz22ZUlG-AHt38Aj1Q7MhvMV7m5Wo4dP0lTVgIEmmBhTESIPJR8dcXvawPPlQLCbcFrLq2cIbZE2g2i6P2S6RSpB9ciW3aRf6lhOatswj0IVXHzgOlprkFb_yjWW1i7UE5tWN7TtK4Q_Kuf55Zk8IuJfjMMmv8gy317IqcvpKFY3qI
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7477e143b82e9237-FRA
pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERhRdKWiXsjeo9pRgTSutrn550nsfr7eX3EMBBEQffuAEDmAD3cTktpE9O0z832EylAk8XbBL0VquvY3YE75AYVW0HLbg4dfP4ys4Dn7TF16j5JlREnIWuts4LBZiA7vzi%2F6tCJ%2F0R%2BeGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhnlOdzJq3ScAXTDwz6ex8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6AD9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yxnn8czJp5dqOzAziuVRXQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhnlOdzJq3ScAXTDwz6ex8&google_cver=1

43 B
842 B

22ms
22ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhnlOdzJq3ScAXTDwz6ex8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY0-aZyAEwAQ&v=APEucNWbJsz22ZUlG-AHt38Aj1Q7MhvMV7m5Wo4dP0lTVgIEmmBhTESIPJR8dcXvawPPlQLCbcFrLq2cIbZE2g2i6P2S6RSpB9ciW3aRf6lhOatswj0IVXHzgOlprkFb_yjWW1i7UE5tWN7TtK4Q_Kuf55Zk8IuJfjMMmv8gy317IqcvpKFY3qI
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7477e14438b89237-FRA
pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgugVmnokYQuZ9lO9FiKuKCyJLJM%2BJ2P0fuUqFBXfVaUFNIJRVCmU4cZ2pJy5RDgtU0Lm%2BAx%2FsYMlHAlreQU9jLo8g9v7e1hrvWjKdoEGmLYBG81MzhzmAgGQ7SXMaGEENjmrwy3amKhew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDhnlOdzJq3ScAXTDwz6ex8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 6AD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECSsGCGIBGvEB-jdLjm7LSw&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECSsGCGIBGvEB-jdLjm7LSw%26google_cver%3D1

43 B
1 KB

8ms
8ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECSsGCGIBGvEB-jdLjm7LSw%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY0-aZyAEwAQ&v=APEucNWbJsz22ZUlG-AHt38Aj1Q7MhvMV7m5Wo4dP0lTVgIEmmBhTESIPJR8dcXvawPPlQLCbcFrLq2cIbZE2g2i6P2S6RSpB9ciW3aRf6lhOatswj0IVXHzgOlprkFb_yjWW1i7UE5tWN7TtK4Q_Kuf55Zk8IuJfjMMmv8gy317IqcvpKFY3qI

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 13:02:41 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e4531470-9b27-4e93-9719-92960b50a3cd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 13:02:41 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 93334ea1-59f9-4870-b496-df65c5bb06cb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECSsGCGIBGvEB-jdLjm7LSw%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6AD9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNzU2NzU2NzEzOTc0MDYxOA%3D%3D

170 B
188 B

20ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNzU2NzU2NzEzOTc0MDYxOA%3D%3D

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 08 Sep 2022 13:02:41 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1fcda096-1160-4d4d-ab9b-7aaec17a6152
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUxNzU2NzU2NzEzOTc0MDYxOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 data=xtjc3Vr-F3-B-dlNSo5wUkJqJFMFduoc8zw3fT8G4ikZDMWQfHUa3vU5nsKYd60Nvy1nmc-sbSP0mDYPjNJe9A
mts0.google.com/vt/ Frame 08A2 50 KB
51 KB 185ms
133ms Image
image/png 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=xtjc3Vr-F3-B-dlNSo5wUkJqJFMFduoc8zw3fT8G4ikZDMWQfHUa3vU5nsKYd60Nvy1nmc-sbSP0mDYPjNJe9A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca03d153db387c54be71a973201bf9e461a5546ecd43a8fc9919c8297caa5218

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
age: 0
date: Thu, 08 Sep 2022 13:02:41 GMT
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=125
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51359
x-xss-protection: 0
x-server-version-bin: CggIBBCWk+GYBg==
server: scaffolding on HTTPServer2
etag: 0a50ccb0ebe987e75
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Thu, 08 Sep 2022 14:02:41 GMT

GET
DATA 200
OK truncated
/ Frame 08A2 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 08A2 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 08A2 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 08A2 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 08A2 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CF8Ux8OcZY93tCpeV-cAP2q-J6Abt3Pzpauah4pCvEMCNtwEQASCM-eR_YJX68IGMB6AB9IWTzQHIAQmpAuXmy7lSxrA-qAMByAPLBKoElQJP0EDVCjwbEsLdwG0e3deLIMxdnyifmQpSGRq8oARgf8FbHihIhFbdytRo3OI2kAIRULgjaxRnL_QMSmLzIvdwsHGlOLjRZbMIY7slt8D5W9QPiMjwdQMWOtYG4tVk21AVcG44t5QLRZldrZMJbzuqEQiYUbNZZ2UFr4SG6A_U2jx7nJc3FK_5yMtA7fwqfO3X7bBg3UNNG8cCfjd6cryUXjqMoKUbqi0jxMRYYNfdzKAHr8aGGtlYdw6uHge8mYhPpfLUT1OMfBxWUBPF0ChXkkpF4einpnSaq6mlNb0SrQtYFOwgOpOgx1OTExGKqr1-sc13BiVxpDNS3doZWrK6KqkiBrU4zaw9HCQupFrJHBggRsIxwATohqLPhASSBQQIBBgBkgUECAUYBKAGLoAH9PnssgKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC1uSXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItODEyODA1NTYyMzc5MDU2NhgA&sigh=BxnzMz9KoJc&uach_m=[UACH]&template_id=520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=2125970011&adf=1528403788&pi=t.ma~as.4620684285&w=748&fwrn=4&fwrnh=100&lmt=1662642160&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159542&bpp=2&bdt=149&idt=593&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gOez3t620N&p=https%3A//qa.aly2um.com&dtd=596
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 08 Sep 2022 13:02:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C62B 1 KB
749 B 9ms
8ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14081
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 09:08:00 GMT
etag: 48472445140208031
expires: Fri, 09 Sep 2022 09:08:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 08A2 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed0a8602e62121e2c945e3190cd25cb00877c41b1483d66541a49486c4d928b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/886862/62195779/ Frame E6CB 236 KB
70 KB 152ms
34ms Script
application/javascript 52.17.188.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/886862/62195779/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: ois.is
URL: https://ois.is/rr/page-1.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.188.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-188-115.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2c335ea063e90161b55fa600cf469c4652a2663733dd7549511af291504d3916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E6CB 170 KB
59 KB 72ms
8ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: ois.is
URL: https://ois.is/rr/page-1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 16:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Sep 2022 16:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/ Frame E6CB 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AECpN8zFkuJRarMCFxjnv_EczF10rSwM23lIxoEvBk30sfXSalW_Q8exHft-FOX1LnoWNGFm1hba9ql0UgqdRbKRYBYSpCEAX5a2ywHiZrruSOVieSsGGbNxydn56ucjwjRXZ7JqvJiwotreUYLzJ9S1xzBg&dbm_d=AKAmf-AwqrKiqKKtf_w7MVkiuHA7u96f_MA8rInPGZXmLvCgH0Nhdo3AgxVZvkuAaiABYV5PjlJ9-H0eY2uqcpZRdhpWklGtCkTu5CFv5Z1qH8IzFPiS4Yvpaf2RNs8vmMBOyHJSKxCnB_MQUW1arak_UF5eyTMmXhQbmzgzsrs8bg11OLSbsSUFlXZdG3iboPAhOl5ty6YkSu5hlB08nj2xjhOAOTZ_4Bor-3h5oWRv0kkU7HbzoQ6nDnxmYNMOgc5iof3evdEg6aUcbBzKlJM3XzIxeFRXsPpC_JbjCcCNnI0WHhe8hYQGMAamKRm1SJM1KfWahXrfa1B90fnGAKtk_HIJkoZ9rgLcZfw9LD2JCBXbnbdQ17qXtzC_4PzWfrXqIGuGQ33TqdRsgskqXg2wd7WtQibpnenzLgZ1EDs5CaCCLWnwq-EucBxbV2aJ7k5kvMy--b8rlWdGV4XRsdIb6MWr5Ck3Z_6f24I-lJCTTNDi5RpTcJv6kal5WNH1cUkoSYbZbCnoIlgFUPkQqWuWrj-SpL_eLHTlxMlHva_SudF6sMDab8nYG9XaDMcfEcE61a6syonR2sJ3v4Lwyd7sCSem_2c_ykYTFD5E-1c1jgXAlADciQHqf386m9EDLmviywCY8H83u6ymk5WO1eRbFgmgBGM9LCNoC1KcfOZtBZ_lz-CsT55wJiUPI2YPZArPS1dKdmthyJY1Wanoc61g8tY3siEdUgLbCmROLgkRJ2kxwFl9fcRiDnE2V_omNiu-aGKpRWc_GjJp4kTZkjtljAG6ElFuBfrbb28Jc455TI9X9SHv7Zj8GQ5BYKkL-lep2HXHyJRTR3WpxU4XsaJt-Rk28VzA-1AKyAm9-UY_qn_DQoKRvlhv27ngFp02jRM_wfQTq6iuj819BW35aqoEaXcGoAAfTRcKL64AeqMSuY7FXfVeZWOkZ8LVdpzodFKE1tv2pblrZQhqPWBhf3RNcewkPH2ntADYn8uzByG-XvLzimqObXseEvAVb0fKSISzU-QUA7hH49ui2u9iM1_bOXPt7mzRYcK7DKvyYbT3RZkSZD-xArrcZBRXEIudf_l16lMhV2t1W7vvyUvgUQZ3u_IiKSLNQnpWVPbybokeTSVrxmUiOw06OOvl-S6x8SwiK1Ws-edqM3ZB2aOGVTU_ixhXdz_N9Odra_hagwTAVwoCfxGKSt4SdR51bvxrxeaebYxPB-OK1FH9QB614Y-48OJWjOqlS66DAzjo2494AdlpsWCv-oJYK8KKHwTLCcMedBTteFNik7S-UTv6qlzmsG2tv1tqc_-CbhYnX8fJDY0KD6gor1VDhRXnYK8saADXYq6uYLxBDwb2RxHz7359kd62fYkJh7FYNYhgr84Eb6medSFeubKpJp3tLofaCiVRaxvZupRDrg1uA1Oteak5val4mSGBzJo0Ij-pWc1rCafi_SPeWfjSNlh2__QR-80wKqMBh0LflkOfOC9X27wDei7Qg1lYBLxk6Pd53DgC9uYVXeKkCXXn2cRU5j5gjyPovJNcttcCVM71wL_30GIB4RLRtDaDF8ZqIyH-FxmF6TSowFH45t9UD39LYb1ot1-LBb-b2wG7TL8IScGkNFUl7yAunextBicd_-1iiXvxtswHgQZMjeHJ1j53kVqaGBE45keBQ3su7WiLkircgUn4k7tZTvwuGc0D3-o9R39Dh4C5sRHLGh27gzH06aBwNwcJDgR49RztQecVDX159Hu_hu7k_IfPU8GiAQRiGhVUXSV8yV6ueqaUhBHzkUcB48iIUlIxnVodcsZmjOq3hlj0rXOjo4pxQIDO-9SeU6eURffl2SM65TaCrRlPYsHuTqMG0gVombkg8xrVNlgrURCRyVkk-W2_v5_RdEsjfaOokXz4CxzF-hIUXd0rS69mfjeDDjPZx3--Q7cPljSWwq5qMKHeQ12rOtxeKV322JmxirOoG4vc15g3SzO3VnXU8QoJ4lsEOjkGTxLkm1z92Cmr68oyFOXKLKoOIZNkci55AoeNXtxR110qhipiiRC5VksSEiFrBLEcJw4QmhDSBvbn19jm6C1q1vMg2gZxs2iCTe3strtLrDRZyXBvcxlUncXyqBiHFIvkp1ciyUe2_JNH7VdUP-mUTLwCJI-EfJZsJyOB9EIR8D75Uj96SJftxTF0Q14cLqDUY3g7gnNegm6vSGMEsJ7Ag3iLz9AEno_ZPFCGsu42GPDht7n_qk70WflgwUqUlvD785b6-ZHrEKgwhUFhtHGFINNvTJhqvtjYAh5I59f-vkKdxBBk3MAaN-E3ETKaIx5LjkMJdUIaeAYybs6R_2u7XuPCDIyqQf-p8sIOpSPyd_rZ96kGrfTapl7IVFo9Y8VZfINjLaZrS08Ll3O4EARzpp7f8FWxe9MKofJaqb-US7VJIj-kUonbvct5-RiLtELfieuPUlflT39M_izUxbcHV4sxhmo60wRpUT_zpRksWMdUTk4_lcRrO6rlti8NZ6OyXUyBG6pT21N7OCeUNfuAMpoOUUEHlHYugdFiahkr8t5dmxf41TxL-e-fDpt0zUhrQ7dR6h-vnMKpRVVsWryhfUKtUhxl22hC_adE1bPrY4JWyHeqzfsYfLWAqBRslYmDJRJ9NI1nfPJdsUScVIwqFJTwOdnFgGnKlbaka5pF9A81xNQXezuS_aFq9TtlwtpRZ77tXMX1Hg2GdGAG-fFG-SOBuBSY9fykUFzMvTJ0dho_pxSc5nNR2R7HHavymX-j8vYiTah1zSrGPgsRj0LcYoy7UXm8nLz-HCy56JDCBTNNFszjyPNRwDS7Dny4ZoVz6GhBU6dZJ-sbComeEaXAFyVwDz_3uSCSFXj4TgHjiiPX6kl8v5MOWnOUFnPSqyGdIZTDR0io8h-0yT2dITbsLiib1O-04tvHDn3-m-sA3D-veiFryTEwEiTzcJNFt5c5rgJZFA8vA7OtYKA5uQGTYAUd0cBJ0-E3OFirtHLhiNdDqtPD4_H_XJt9Mhf2TULf8M7uzQXcCI_vvIalHRz_ZX3Bnnfei9pyX7TDUivnMR-3zyfptzDnPBvhCp3thwzSly-wVkKOHFPcBScX91Hrgl_L5vTaCOjZxnZkvFH1LtP9Zg36gviEE_kvfHjwbXMOHznmPY9RxYGvVPBzZgU0kYwauOH-MCV0yBW4J7144ZeE2v0TgYc3VSvks8K-ydqs7hh9Fg97UV7oRbeIUPohAx0_KrDjH_68KPMY3oHb4KA1AJo0DYDyHLHeSOCZCv0SD7XL2DUbxrBrkgIl_9DPPsGIoLi9hMPLUtPK-0lZfBbVI6o66xXwEIbQLOOBRqERf1O5Jh2bWsgDc6jzzR5kLOW9itpW58FHbO2Ue2adpHg&cid=CAASEuRo1Vd7coS5aUiGWKkH1IMZ_A&rfl=1%2Chttps%253A%252F%252Fqa.aly2um.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 12:58:15 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/ Frame E6CB 30 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220901/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:57:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 291
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 16304758110791105277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 22 Sep 2022 12:57:50 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 08A2 28 KB
28 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 101877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 08:44:44 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C62B 35 B
463 B 47ms
12ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENHvWN5gcfCrN9wnjBF--pw&google_cver=1&google_push=AehlK4AFbOoO_FdQbvU15kx02RC6GFH6NiFTo7hhzFy_CvIINkF4Y03X4qKy2hKzhv6Bm17BnZQgiY33B8BpLbRaGMSoZ_crx9q6

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame C62B 0
98 B 49ms
18ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4DYg-t_5BkYhtk90VbOPtSUafSsNenV4uNMp48cfwqYa9_j20Mr2Tyrq7SAhoaMJx0CMn2sjI2gTZlm0YJZdHJdS7BTmeao&google_gid=CAESEAVunluCsykiRXoAryZ7R2w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=2125970011&adf=1528403788&pi=t.ma~as.4620684285&w=748&fwrn=4&fwrnh=100&lmt=1662642160&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159542&bpp=2&bdt=149&idt=593&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gOez3t620N&p=https%3A//qa.aly2um.com&dtd=596
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C62B
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Dk3QIU...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4Dk3QIU...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MDgxMzAyNDIwMDA2MTk4MTkwMTQ4NA%3D%3D&google_push=AehlK4Dk3QIU4RNaWzVocezai-XIQEsgUDWGv0_KuyUViyPnel26Ivl55aOOVASwCgeswl...

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MDgxMzAyNDIwMDA2MTk4MTkwMTQ4NA%3D%3D&google_push=AehlK4Dk3QIU4RNaWzVocezai-XIQEsgUDWGv0_KuyUViyPnel26Ivl55aOOVASwCgeswljnfDyzy6p_vAFNBLR65mF6V5PmU2Qs

Requested by

Host: qa.aly2um.com
URL: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MDgxMzAyNDIwMDA2MTk4MTkwMTQ4NA%3D%3D&google_push=AehlK4Dk3QIU4RNaWzVocezai-XIQEsgUDWGv0_KuyUViyPnel26Ivl55aOOVASwCgeswljnfDyzy6p_vAFNBLR65mF6V5PmU2Qs
pragma: no-cache
date: Thu, 08 Sep 2022 13:02:42 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 08 Sep 2022 13:02:42 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame C62B 43 B
351 B 78ms
19ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEH8e3muNojLbo8BdvQo08UE&google_cver=1&google_push=AehlK4D4cnff-VbU8DQY0r1IhDhrFy0FXLlUFS_GJ2f9dpWxga2L2CbSMKkXj60wpqYCi7nuoSr30g6KTQtIzaS8Yznb2i4Q0ow
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=2125970011&adf=1528403788&pi=t.ma~as.4620684285&w=748&fwrn=4&fwrnh=100&lmt=1662642160&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159542&bpp=2&bdt=149&idt=593&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gOez3t620N&p=https%3A//qa.aly2um.com&dtd=596
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:40 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vbhh39oveblutq9mbljtsqng3ubr3ne2

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C62B 0
41 B 122ms
19ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEC9hs8xM02rXG1VipJ-4p_s&google_cver=1&google_push=AehlK4CCK4LjxLR39qqH0RAHikLUVq2vLCgJo85x2VF2DH4g1d6z7yl3lwZrl0BOL7M1HmLjVAJanc8jbev48PvFc9O43dyLr-xI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=4620684285&adk=2125970011&adf=1528403788&pi=t.ma~as.4620684285&w=748&fwrn=4&fwrnh=100&lmt=1662642160&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159542&bpp=2&bdt=149&idt=593&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gOez3t620N&p=https%3A//qa.aly2um.com&dtd=596
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C62B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHX8C8WQvtaJRBLeAvGF-5A&google_cver=1&google_push=AehlK4CHfk6WeRiyPzFOYOYnKydyXivkNeGL0nXqDovKV384a5tAbLMxbcbvdI1KnNMEEVTnsbP...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdUMjdROTgtUS1BMTlF&google_push=AehlK4CHfk6WeRiyPzFOYOYnKydyXivkNeGL0nXqDovKV384a5tAbLMxbcbvdI1KnNMEEVTnsbPLdgW5nc3wfOlPhUVMCMc0wvRZ

170 B
188 B

22ms
22ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdUMjdROTgtUS1BMTlF&google_push=AehlK4CHfk6WeRiyPzFOYOYnKydyXivkNeGL0nXqDovKV384a5tAbLMxbcbvdI1KnNMEEVTnsbPLdgW5nc3wfOlPhUVMCMc0wvRZ

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdUMjdROTgtUS1BMTlF&google_push=AehlK4CHfk6WeRiyPzFOYOYnKydyXivkNeGL0nXqDovKV384a5tAbLMxbcbvdI1KnNMEEVTnsbPLdgW5nc3wfOlPhUVMCMc0wvRZ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C62B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE8ksRc7n7MNZytIyw7e7uY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE8ksRc7n7MNZytIyw7e7uY&google_hm=Yxnn8czJp5dqOzAziuVRXQAAFBIAAAAB&google_nid=index&google_push=AehlK4BsH_Hy504XBOP-DRx8LRMulIyIqH4iM...

170 B
188 B

20ms
20ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE8ksRc7n7MNZytIyw7e7uY&google_hm=Yxnn8czJp5dqOzAziuVRXQAAFBIAAAAB&google_nid=index&google_push=AehlK4BsH_Hy504XBOP-DRx8LRMulIyIqH4iM6U1CADc_5CT2Q7n7XYgUyI07JBiHIUMXK0zTJo_nqMHiqhaR2Er3w_VAbajuoDA

Requested by

Host: qa.aly2um.com
URL: https://qa.aly2um.com/9991/learn-5-important-and-useful-information-about-pets

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulsHpwPTb1gWckwJHITpVTrvSQiNbmPgR%2FdDEU6LRX5vC%2BCZAPq%2F4O%2FvPIr4JfussIwxF4P%2Fp2PsE4wZ5kys%2BS8ezfKjb1toF1akLsx%2F5Wx648yWQScmoxBVD0i6YLmgFZL7VGe2SqJmnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE8ksRc7n7MNZytIyw7e7uY&google_hm=Yxnn8czJp5dqOzAziuVRXQAAFBIAAAAB&google_nid=index&google_push=AehlK4BsH_Hy504XBOP-DRx8LRMulIyIqH4iM6U1CADc_5CT2Q7n7XYgUyI07JBiHIUMXK0zTJo_nqMHiqhaR2Er3w_VAbajuoDA
cache-control: no-cache
cf-ray: 7477e1443bce9267-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C62B 0
12 B 32ms
15ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JoJYJGrOD1t8zomdSixGl8tfQqyiY6D5nNcE1LJjdbjNoad5Q30cWs8_ikUFE0lAqAGkLe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E6CB 41 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 11:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 11:07:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 53C8 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14081
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 09:08:00 GMT
etag: 48472445140208031
expires: Fri, 09 Sep 2022 09:08:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E6CB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 761cf86e47c25878fc2eaca46854bf0cdadfa30ea2202d034b9ef74b57840ec0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D234 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 179731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 11:07:10 GMT
expires: Wed, 06 Sep 2023 11:07:10 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 53C8 35 B
462 B 15ms
9ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEF4qRH9Tezo3Q-yWJI1T6oE&google_cver=1&google_push=AehlK4DFDQJRtaEiJvqX_yFX1n-3xVAD1rozGma_MWaYsq6khjt9vpmB72-rxYvGPSmEODsDkk5CLJBxP2Z-aUHRGx9QNEtYnduY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 53C8
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4CP_p8fjnonXSdrrvsS8OhjuQewf2zpTSvOY0q...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXhubjhRQUFCV0xmWEJvVQ&google_push=AehlK4CP_p8fjnonXSdrrvsS8OhjuQewf2zpTSvOY0qNE-YWxGn-WqAXxVbKNvyjJ5WlOATfr-snqkLErl8jescjOfZCZcQavJfd

170 B
188 B

20ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXhubjhRQUFCV0xmWEJvVQ&google_push=AehlK4CP_p8fjnonXSdrrvsS8OhjuQewf2zpTSvOY0qNE-YWxGn-WqAXxVbKNvyjJ5WlOATfr-snqkLErl8jescjOfZCZcQavJfd

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXhubjhRQUFCV0xmWEJvVQ&google_push=AehlK4CP_p8fjnonXSdrrvsS8OhjuQewf2zpTSvOY0qNE-YWxGn-WqAXxVbKNvyjJ5WlOATfr-snqkLErl8jescjOfZCZcQavJfd
Date: Thu, 08 Sep 2022 13:02:41 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 53C8
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DCbOdU...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DCbOdU...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MDgxMzAyNDIwMDA4MDM5NDk1NjA4NA%3D%3D&google_push=AehlK4DCbOdUyJ2wnbgPZSnRc4NG5lWHwT_2dAtbk-x9oC-EIFXxfkh0lbLT0MATlNIHgk...

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MDgxMzAyNDIwMDA4MDM5NDk1NjA4NA%3D%3D&google_push=AehlK4DCbOdUyJ2wnbgPZSnRc4NG5lWHwT_2dAtbk-x9oC-EIFXxfkh0lbLT0MATlNIHgkwAuDuG_-caTtJbXtefTDJRILvSXCDH

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MDgxMzAyNDIwMDA4MDM5NDk1NjA4NA%3D%3D&google_push=AehlK4DCbOdUyJ2wnbgPZSnRc4NG5lWHwT_2dAtbk-x9oC-EIFXxfkh0lbLT0MATlNIHgkwAuDuG_-caTtJbXtefTDJRILvSXCDH
pragma: no-cache
date: Thu, 08 Sep 2022 13:02:42 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 08 Sep 2022 13:02:42 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 53C8 43 B
134 B 33ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECiN4rjoqnAcIqf62SWr2kQ&google_cver=1&google_push=AehlK4Ajhzchj3VmmSAlrojKzqvRKo3L4CvEdX1ZmLK7-qkr-6qITKQQUu0bRObOlz2S5vyBqx6QpNP6to5uZ-6-oxAIyZJj1Ntd
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: lhen5cp70hkdcjt99bksfkc3neeedco4

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 53C8 0
166 B 75ms
18ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENdfY1_AOkgAuTjGhkjmubE&google_cver=1&google_push=AehlK4DJgJehlBpa92_klU2Va9F_VWJ-wbKKS-lbZX2fWvwwDXupLZVBXijZAb9hK65hd5dUtlQiQXQ3YEN6acBJ2hePcIohnHAS
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 53C8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG8jCXCsNEB7y5gJo18i6Sg&google_cver=1&google_push=AehlK4D8L1XoM183o7qd3QGlqCHu5Rg6T5ibUGzu8yWmmazDpGxhVk2zymGVikCVRydAMVJtAls...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdUMjdROU8tSi1GNElU&google_push=AehlK4D8L1XoM183o7qd3QGlqCHu5Rg6T5ibUGzu8yWmmazDpGxhVk2zymGVikCVRydAMVJtAls5hu0TpkIKuUH_FENP3LuoiTs

170 B
188 B

19ms
18ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdUMjdROU8tSi1GNElU&google_push=AehlK4D8L1XoM183o7qd3QGlqCHu5Rg6T5ibUGzu8yWmmazDpGxhVk2zymGVikCVRydAMVJtAls5hu0TpkIKuUH_FENP3LuoiTs

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdUMjdROU8tSi1GNElU&google_push=AehlK4D8L1XoM183o7qd3QGlqCHu5Rg6T5ibUGzu8yWmmazDpGxhVk2zymGVikCVRydAMVJtAls5hu0TpkIKuUH_FENP3LuoiTs
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 53C8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEePYS8dvYCMwbVk4MzVj2s&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEePYS8dvYCMwbVk4MzVj2s&google_hm=Yxnn8czJp5dqOzAziuVRXQAAFBIAAAAB&google_nid=index&google_push=AehlK4BHX5oWv3hlTozsYTEa8x16mLlEFm_xe...

170 B
188 B

19ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEePYS8dvYCMwbVk4MzVj2s&google_hm=Yxnn8czJp5dqOzAziuVRXQAAFBIAAAAB&google_nid=index&google_push=AehlK4BHX5oWv3hlTozsYTEa8x16mLlEFm_xe8bSvkbKnsqaVCPEtah1vLLYTY7y-QyNn7vcQEXWUufnon5QA7JQWEXT2AUXcIua

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ty5B2Z%2BwBnVkDVTKEq3CET0ROTFYRqQ%2FiAEm%2BoE89sz2My4Ls17tG1JuOkQdpoyYgiyZ%2FS3HlEGAhD9SnhYgkw7nK2zcxEFBt7vdBc5XRHrkbuZzHanT%2B3QJZVJCnWJ69naltVtYM4r6nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEePYS8dvYCMwbVk4MzVj2s&google_hm=Yxnn8czJp5dqOzAziuVRXQAAFBIAAAAB&google_nid=index&google_push=AehlK4BHX5oWv3hlTozsYTEa8x16mLlEFm_xe8bSvkbKnsqaVCPEtah1vLLYTY7y-QyNn7vcQEXWUufnon5QA7JQWEXT2AUXcIua
cache-control: no-cache
cf-ray: 7477e1443bd19267-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 53C8 0
12 B 20ms
16ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L5WPUnxoB0QqABd_bO4Gr2k7R94bYFCWBkxFEzH6bJYoUrxs82ml00ZKpNlDp8EpMwIDGZ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame F899 20 KB
4 KB 42ms
18ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03432474ec9f60ee729e17904a239e0b37cd07468e2c9809e5cc2a166e1a8e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 13:02:41 GMT
expires: Fri, 08 Sep 2023 13:02:41 GMT
last-modified: Tue, 10 May 2022 13:01:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E6CB 0
622 B 94ms
53ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhplMmOg4WeUh7kZA98y1FvnZ0ndoBzkT2fZoWM95k6T_1hZh3n9ijlOMlFcvaMKn1cnA0VojtPe-wlRTmo8nuVt_AEHmF9Zg2LQMNDdv0KGNaYMsr6jBinSjcBURFlarsNqLtMS-XJvZgfBxXyUdDSoAMFVV93oDtP5LQBdK6xyQLX4TBAI6JvYg40fhhnQv-_u4II7P5JTKMF4LyT6ogiUKd5MeJQcXb1HacIEdLRpgVxWeG0htaG99VNZ44EMeoqGecrJ4k5oipteeNc8kQb-rEFBE0V_4cghxoeg4a_EDppDs80e-5eIjE60ofWiWoRBsOTNzx1Hvfxs3MUAL-SzC8bG3g7xnO45UdKz66cuBNIUQSExLlVJlx38F1YIQCq4iPhJztRquGkNnfVeyEsT77mbfdzGzJxJ_d3EPOdmXgMaiHA49pWmzbThRVaKT8EGq_gocCEIynn8rxOga4bq16INKQGfqpb5TNS8WkowfEUbIfIN_PDUjQZtJqJ3102yCQEiH1fd7p6ArVw67IRQhMmoOOcYdI1DLA-IPbEh3IbcrLnorHeTul8LryHh98pVR_MB4Ee3WOli_xoe1JExQUOz1O81Mx0jfked1z-878eCDv_5tUq3DSb-0qU4VQMoEGfKxfbrkEpYDbVRXeqoA15YgrIujt4g2Zpr4Jnqj5RE8pSRf5eUSAdKZINQt88qlX8_wTWsRo6lcPKOO9ljpIagN8-fem-pKW-5f9E1PcifgRwqafT5O_FsWOovnMd-H4UgyPqS3I7NlYjP6k17GWLkSdgOnLo51x4c_KuCAIsw0-T7hlJ0-kbVwC558fW-iVq0PXYC6yCkIKAgImzCXzA417Pmq9ntoMkJ_3Z1Qu8hRdfG8lb8ESPIaLu4zlS4mfCdOaFOWQRCmgveR8qptac9MhgzLxZzj6FVAEDTD4lTlRv5yCaDls-jxnBcheYoqs4orCPZ4LowOwAX8mSLsneMA3J8hnM8zgkA2X-i6HS2mk_Puz27u-jQX5aH1Wxarv6oIJpFxmkKG_vNk4wXnPb6wvTTE6slGZ-jzC-AMcBX2f880w-zzRsXwchbgshROdxB7PfpCAsKhvb_ZLr6mP1rh8MszM0ybD0MGNC8KIsSrAfDX79ghN10u4vGkjjrz5fl8CkARkrP5i4ahBc85xxiwbSq4j0RccPBNHehPrAWrtKDvDAZ7YCJ_jjzVkY1EdPG0vy862J1QyyMhdy-uwuIWUDJbPwAzwWHPfUBno&sai=AMfl-YSuoC_7m61CWHR6ihu1bg6llsmKHyWl870grttT_YsDMQRHT8shAzST4NfojVBnhAUNNemSsNoZMQN-EGEk8l9OT6T7UprNf9w-Q5Wq97IkKt7_EehJ_ScKf1v29We28bUTowPmrYrYKKFRPMYNVPJS__l6bg&sig=Cg0ArKJSzMk757RanBpeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=109&cbvp=1&cstd=104&cisv=r20220901.22761&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: ois.is
URL: https://ois.is/rr/page-1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 08 Sep 2022 13:02:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame D234 36 KB
16 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 12:19:12 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 76D4 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 12:19:12 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08A2 0
20 B 43ms
43ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoPCAEqC2JsdWUtc3F1YXJlCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoNECshAAAAAAAAHEAwBAoNEAMhAAAAnJmpj0AwBAoNEAohAAAAgGbmN0AwBAoNEA0hAAAAAAAAAAAwBAoNEB4qBzc0OHgyODAwBAoNEBkqBzc0OHgyODAwBAoNEA4hAAAAAICZuT8wBAoNEAQhAAAAZmY4kEAwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAAAAQUAwBAoNEAUhAAAAmpk5kEAwBAoNEBAhAAAAAAAt40AwBAoNEBEhAAAAAEBy0UAwBAoNEBIhAAAAAAAAFEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAAADOkEAwBAoNEBQhAAAAAABI6UAwBAoNEBUhAAAAAAAALEAwBAoNEBYhAAAAAAAAGEAwBAoNEBghAAAAzswSk0AwBAoNEDIhAAAAAICZuT8wBAoNEDMhAAAAAICZuT8wBAoNEDQhAAAAAICZuT8wBAoNEDUhAAAAAICZuT8wBAoNEDYhAAAAAICZuT8wBAoNEDchAAAAAICZuT8wBAoNEDghAAAAANDM7D8wBAoNEDkhAAAAaGbmjUAwBAoNEDohAAAANDMHjkAwBAoNEDshAAAANDPNkEAwBAoNEDwhAAAANDPNkEAwBAoNED0hAAAAAADOkEAwBAoNED4hAAAAZmbukkAwBAoNED8hAAAAZmbukkAwBAoNEEAhAAAAAAAik0AwBBIaQ04ybDR0cWdoZm9DRlpkS0hnSWQybGNDYlEiJmxvY2F0aW9uL2xvY2F0aW9uX2V4dGVuc2lvbl9hd3hfc3F1YXJlKBw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/06063cd58e45168da559108c95181079.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame F899 5 KB
2 KB 12ms
10ms Stylesheet
text/css 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69610
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1870
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Sep 2023 17:42:31 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame F899 1002 B
256 B 13ms
12ms Stylesheet
text/css 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 16:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245609
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 05 Sep 2023 16:49:12 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame F899 5 KB
1 KB 12ms
11ms Stylesheet
text/css 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

069b1d320215b1b841cdd04ec7cd4d8e7406bfa804b03231244ca95877ea0dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 18:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Sep 2023 18:14:27 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame F899 118 KB
40 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 21:45:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Sep 2022 21:45:39 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F899 57 KB
23 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Sep 2022 13:02:41 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame F899 9 KB
4 KB 18ms
17ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 18:14:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67694
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3818
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Sep 2023 18:14:27 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame F899 25 KB
10 KB 15ms
14ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 18:14:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10657
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Sep 2023 18:14:29 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame F899 18 KB
3 KB 17ms
16ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476e4379a0ef1b75a78f9d8df86027b89ace5ec01d16bc3e15f7d851b362529d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69610
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2731
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Sep 2023 17:42:31 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame E6CB
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/886862/62195779/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_8ecZY-...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

31ms
12ms

Script
application/javascript

2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
Protocol: H2
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:07:55 GMT
content-encoding: gzip
age: 161686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 06 Sep 2022 16:07:48 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
x-amz-version-id: EIole.IHkiDJxKVfO1S7cyRYWKsHRRtd
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: XhtKdoJxFHo6gvVUklSgSApgJcCrArwO5DLKubLyvX675_qwb_OjQA==

Redirect headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame C0BF 80 KB
21 KB 62ms
11ms Script
application/javascript 2600:9000:223f:1e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 9952088
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: LbvIeV-bjbE14qfmtyjni__IYONjNvbPpwjKZZjEvcpgnut_DpD8KQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E6CB 43 B
216 B 557ms
162ms Image
image/gif 2600:1f13:800:7782:ef30:5aef:8f46:e8d3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=58cf3b2e-4945-c340-8657-f142e69165d8&tv=%7Bc:nCYryQ,pingTime:-3,time:48,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:49,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgQB4kc+11%7C12%7C13%7C14%7C151%7C152%7C16*.886862-62195779%7C161%7C162%7C1631%7C164,idMap:16*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ef30:5aef:8f46:e8d3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:42 GMT
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E6CB 43 B
215 B 559ms
167ms Image
image/gif 2600:1f13:800:7782:ef30:5aef:8f46:e8d3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=58cf3b2e-4945-c340-8657-f142e69165d8&tv=%7Bc:nCYryS,pingTime:-6,time:50,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgQB4kc+11%7C12%7C13%7C14%7C151%7C152%7C16*.886862-62195779%7C161%7C162%7C1631%7C164,idMap:16*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:qa.aly2um.com*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ef30:5aef:8f46:e8d3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:42 GMT
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E6CB 0
26 B 64ms
45ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuhplMmOg4WeUh7kZA98y1FvnZ0ndoBzkT2fZoWM95k6T_1hZh3n9ijlOMlFcvaMKn1cnA0VojtPe-wlRTmo8nuVt_AEHmF9Zg2LQMNDdv0KGNaYMsr6jBinSjcBURFlarsNqLtMS-XJvZgfBxXyUdDSoAMFVV93oDtP5LQBdK6xyQLX4TBAI6JvYg40fhhnQv-_u4II7P5JTKMF4LyT6ogiUKd5MeJQcXb1HacIEdLRpgVxWeG0htaG99VNZ44EMeoqGecrJ4k5oipteeNc8kQb-rEFBE0V_4cghxoeg4a_EDppDs80e-5eIjE60ofWiWoRBsOTNzx1Hvfxs3MUAL-SzC8bG3g7xnO45UdKz66cuBNIUQSExLlVJlx38F1YIQCq4iPhJztRquGkNnfVeyEsT77mbfdzGzJxJ_d3EPOdmXgMaiHA49pWmzbThRVaKT8EGq_gocCEIynn8rxOga4bq16INKQGfqpb5TNS8WkowfEUbIfIN_PDUjQZtJqJ3102yCQEiH1fd7p6ArVw67IRQhMmoOOcYdI1DLA-IPbEh3IbcrLnorHeTul8LryHh98pVR_MB4Ee3WOli_xoe1JExQUOz1O81Mx0jfked1z-878eCDv_5tUq3DSb-0qU4VQMoEGfKxfbrkEpYDbVRXeqoA15YgrIujt4g2Zpr4Jnqj5RE8pSRf5eUSAdKZINQt88qlX8_wTWsRo6lcPKOO9ljpIagN8-fem-pKW-5f9E1PcifgRwqafT5O_FsWOovnMd-H4UgyPqS3I7NlYjP6k17GWLkSdgOnLo51x4c_KuCAIsw0-T7hlJ0-kbVwC558fW-iVq0PXYC6yCkIKAgImzCXzA417Pmq9ntoMkJ_3Z1Qu8hRdfG8lb8ESPIaLu4zlS4mfCdOaFOWQRCmgveR8qptac9MhgzLxZzj6FVAEDTD4lTlRv5yCaDls-jxnBcheYoqs4orCPZ4LowOwAX8mSLsneMA3J8hnM8zgkA2X-i6HS2mk_Puz27u-jQX5aH1Wxarv6oIJpFxmkKG_vNk4wXnPb6wvTTE6slGZ-jzC-AMcBX2f880w-zzRsXwchbgshROdxB7PfpCAsKhvb_ZLr6mP1rh8MszM0ybD0MGNC8KIsSrAfDX79ghN10u4vGkjjrz5fl8CkARkrP5i4ahBc85xxiwbSq4j0RccPBNHehPrAWrtKDvDAZ7YCJ_jjzVkY1EdPG0vy862J1QyyMhdy-uwuIWUDJbPwAzwWHPfUBno&sai=AMfl-YSuoC_7m61CWHR6ihu1bg6llsmKHyWl870grttT_YsDMQRHT8shAzST4NfojVBnhAUNNemSsNoZMQN-EGEk8l9OT6T7UprNf9w-Q5Wq97IkKt7_EehJ_ScKf1v29We28bUTowPmrYrYKKFRPMYNVPJS__l6bg&sig=Cg0ArKJSzMk757RanBpeEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=324&vt=11&dtpt=215&dett=3&cstd=104&cisv=r20220901.22761&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: ois.is
URL: https://ois.is/rr/page-1.php

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Sep 2022 13:02:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E6CB 43 B
215 B 543ms
165ms Image
image/gif 2600:1f13:800:7782:ef30:5aef:8f46:e8d3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=58cf3b2e-4945-c340-8657-f142e69165d8&tv=%7Bc:nCYrz6,pingTime:-2,time:64,type:a,im:%7Bsf:0,pci:%7Btdr:51%7D,pom:1,prf:%7BbeA:1331,beZ:1332,mfA:1333,cmA:1334,inA:1334,inZ:1338,prA:1339,prZ:1343,si:1348,poA:1349,poZ:1368,cmZ:1368,mfZ:1368,loA:1381,loZ:1383,ltA:1395,ltZ:1395%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgQB4kc+11%7C12%7C13%7C14%7C151%7C152%7C16*.886862-62195779%7C161%7C162%7C1631%7C164,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,sinceFw:46,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ef30:5aef:8f46:e8d3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:42 GMT
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F899 7 KB
6 KB 68ms
51ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a711420f555136caf18ad4466aed0f11e2da7b05961e62751954b660222cb92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Sep 2022 13:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5797
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D234 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmSBs8ecZY-DoBdqy3gOWopnYDAAAAAA4AeAEAg&bg=!ubqluv7NAAZTikH4c4o7ACkAdvg8Wsnfz3sZ1Bc8aBcVPMRA3tp9OpIKC6tfgOuTO27I7WVoZNE01gIAAADbUgAAAAFoAQeZAs1iHA4TZtd6AOF9DOWAd3Ej3DlDaviejw8pi_8k-JFiKna_YvDT0QdmsimOfCK5IS2KYj1gnDypohW3hwtLybVDd2tCej01bzD06pxMT3_ZbUT_kYi-B3vLSm-kLkYWI7aADUrbefQuq2j7EiJIaSXTryJAAOxtE-x9sWsxztXC8uiwE9KkuMjNQiwwwP430UzfGvutqiPuh_yGfEZrDXpVlH0dPQDKYZflbVbm6kFWgBtulEQD298ThCyTAxXz4mUgvcttu-kwBIz5NHJQr9ILL-6gnEVh0x_bFuVBL-0BY0DPjsBHunF7elFwuhV6S3LJQ9gO5yMn4kTowakmzKRHkKcSHkgE_5B7IBmhwvo9H4kQ36p95-R-hX0tzmw5qX_Wz343OTL5MNXlxuvourMtiQ9pyziLS-ST1uF_NZvBDy6K6m-Ri_L9W5foeYn1do3jnzkg0ez_jLvTA97MDo10AuvFtpmJd8R3RS85DxES3tGMTuFhODMi0uLgmKR_hldAxjvra1F4Xb3qYgvLnD_axXdIUbvTZBVONbdle-NX6eQWy9md-rlbR1orv2YLSfGauY2_j3fNlDIBjWFB1yeaHmj7t_sC7JZFWezmaXxTobx-Fpp3Wfp_gblfGbntj1oZ5ws7MOdhyT85ueI9RSU-4Mu4Z4pZ0zHh_Ec8L_kopu-LDRoeSRd1KQ3dSxGJsN1C4PJe-Fu9fUaPQ88YHRyauWFyC8uYe49yADd4ZVqwGgRka2tQ2OFZVNubUnrDWjzDUyZcKTV143sc2MpBdX6ihl1GlWurNQapBTFjRkxYfxF3N98aQNlvpndLSAL3BXjTbdAqURVfDV2rITovBL7X0XyxaApP2tpL8_-JCpwGqF8fOB1aJaWCLFMomDk-qF3MrB2Hs4bM2JiJ6QDPzH7bd1ayJ0wNSDq0_2ONn2esVVCP7jjN3tT9v1y0j6Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F899 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 13:02:41 GMT

GET
H3 200 skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5c1f92367fde122afbc/original/ Frame F899 6 KB
6 KB 9ms
8ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5c1f92367fde122afbc/original/skyblue.png_1650378740125_skyblue.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1904a820a1f4b161f319ff251a5b500ea177e6aaf15811e5ba06e4683083f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:07:07 GMT
x-content-type-options: nosniff
age: 3334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5953
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 12:07:07 GMT

GET
H3 200 Pool-Boy_NoSmile_Ret_72dpi_834_-2_1.79.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_834_-2_1.79.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62751721d8cd7e2693d58e6d/original/ Frame F899 48 KB
48 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/62751721d8cd7e2693d58e6d/original/Pool-Boy_NoSmile_Ret_72dpi_834_-2_1.79.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_834_-2_1.79.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4bd8351a70f5ad258d6ff6ad69a39f7cf3e892621971a00a3e8ab2274b1c00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:07:21 GMT
x-content-type-options: nosniff
age: 3320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49355
x-xss-protection: 0
last-modified: Tue, 17 May 2022 09:00:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 12:07:21 GMT

GET
H3 200 vector.png_1650378740125_vector.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d585f92367126822adf8/original/ Frame F899 8 KB
8 KB 15ms
13ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d585f92367126822adf8/original/vector.png_1650378740125_vector.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

585aabd899edffe4cffa8c055e5b0ce9394022a443ddce7aaa29eb84a3d8a198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:07:07 GMT
x-content-type-options: nosniff
age: 3334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7717
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 12:07:07 GMT

GET
H3 200 gradient.png_1650378740125_gradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5a2f92367011222aeb0/original/ Frame F899 59 KB
59 KB 14ms
12ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5a2f92367011222aeb0/original/gradient.png_1650378740125_gradient.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

034ae21739010d774ace7bbcaaf86ab1bf8c1f7af87eddb952a15345d4115154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 12:07:07 GMT
x-content-type-options: nosniff
age: 3334
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60591
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 12:07:07 GMT

GET
H3 200 blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame F899 91 B
117 B 19ms
18ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:04 GMT
x-content-type-options: nosniff
age: 450157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:04 GMT

GET
H3 200 icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame F899 7 KB
7 KB 15ms
13ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/icon1.png_1650378740125_icon1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:49 GMT
x-content-type-options: nosniff
age: 450112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7071
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:49 GMT

GET
H3 200 icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame F899 6 KB
6 KB 15ms
14ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:49 GMT
x-content-type-options: nosniff
age: 450112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:49 GMT

GET
H3 200 icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame F899 6 KB
6 KB 18ms
17ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:49 GMT
x-content-type-options: nosniff
age: 450112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6126
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:49 GMT

GET
H3 200 logo.png_1650378740125_logo.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame F899 3 KB
3 KB 19ms
18ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:47:47 GMT
x-content-type-options: nosniff
age: 101694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 08:47:47 GMT

GET
H3 200 logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame F899 2 KB
2 KB 19ms
18ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=hIl20mnxr9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:49 GMT
x-content-type-options: nosniff
age: 450112
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1701
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:49 GMT

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 413E 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 12:19:12 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E6CB 43 B
215 B 206ms
163ms Image
image/gif 2600:1f13:800:7782:ef30:5aef:8f46:e8d3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=58cf3b2e-4945-c340-8657-f142e69165d8&tv=%7Bc:nCYrEw,pingTime:-10,time:400,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTAyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1662642161883%7C%7C29c7faeda3d2be941a5a51fd7c12857b%7C%7C56c24cb524127a0f41136c1e5c39617f%7C%7C0831741c0eb2a59169f68ccb00488230%7C%7C26faf3e672ce036fe98bff1141a1946f%7C%7Cdb3927b869c83d23bd16c1912ecce704%7C%7C14a1e4a601944cdffb60a02bad34dbe1%7C%7C504ed16f830440beedac159c3631d8c5%7C%7C1629390669%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=600&slotname=3796409979&adk=491331604&adf=318908456&pi=t.ma~as.3796409979&w=300&lmt=1662642160&psa=0&format=300x600&url=https%3A%2F%2Fqa.aly2um.com%2F9991%2Flearn-5-important-and-useful-information-about-pets&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662642159544&bpp=1&bdt=151&idt=605&shv=r20220901&mjsv=m202209060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1573041347052&frm=20&pv=1&ga_vid=1215402833.1662642160&ga_sid=1662642160&ga_hid=1594853769&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=3966&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31069396&oid=2&pvsid=2663326108875024&tmod=230140013&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ayEwhCr2yR&p=https%3A//qa.aly2um.com&dtd=608
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:ef30:5aef:8f46:e8d3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:42 GMT
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 55ms
55ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220901&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfc613b5b1d126af6d5fb0ad87d9a6be84f4175c5ff1fa2a11fd9bfc2646eabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Sep 2022 13:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11224
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 13:02:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B21 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 12:59:49 GMT
expires: Fri, 08 Sep 2023 12:59:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FBD7 783 B
536 B 19ms
19ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce8d9891902e2f7c5bc2f0ef659444e23f1de3e07a7a17bcf715997385cfa60c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JjaL4fQ8oVvBPFfiIwd1zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qa.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-JjaL4fQ8oVvBPFfiIwd1zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Sep 2022 13:02:42 GMT
expires: Thu, 08 Sep 2022 13:02:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B21 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 12:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15954
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 12:19:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FBD7 0
0 42ms
41ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220901&jk=2663326108875024&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 08A2 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhMFNm7HK2uX-yrceY8F-rz01xXrzOYlhkjptNQvjkzUFoW08o2PAH8GUHy9wyCwg6cg-cfqhMSDf4HVXvZmrdNNaPE_bjmiTD_xtPE5ne0fy9cJCLg8UwL1LSA6QW7OW3HXvbug&sai=AMfl-YQbSRMbwX-x1wlSG3sndtrc9nvGbIsKvasBzkX-UbTwwsQOKYtYHqxmOFV0WlnH0bvPs8pW0QuitVz6d5tqlmlHg_nGw9x5SQo&sig=Cg0ArKJSzKU7Ftx7_fYcEAE&cid=CAASF-RoGvGUqhQuGLvILckEZ7t6T_wozpsd&id=lidar2&mcvt=1002&p=0,0,280,748&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2125970011&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662642160140&rpt=1221&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Sep 2022 13:02:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0B21 0
10 B 9ms
8ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?290IFg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:02:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220901&jk=2663326108875024&bg=!t7SltPDNAAZTikH4c4o7ACkAdvg8WmzMWisTo1l4Y44ftb4rT-EH267POVwLKVjxZic4T63OSqHWwwIAAABWUgAAAAJoAQcKAKjdkMkEmi0shipC-jWimoXX7asYGH5xn0wChrZKGeJs-Ivlx4dJHihjagpmqCPxmdoXLy4jhYbNr9yBLp-gsQXyKs2xqMjLEaVLngTQ4eMoOVey6iUmOhrYlEhV1aWnmICCXUG-V3BUIrJwABodxNRqeAEunA_GqkyC9-QNJzcAtcJDQnZQqeRxQevnVaG6L3s7z9_8XwITlQFIrsZ8LXtfsc0MN5mlfnaZAqhuMOBaZYaCOnm0kRNXi6xUQzGc47pKzs2n-FjvpENf3AQ880JHTeb5WIUpAJkXkyjzPGXHTDyxq-Afl6vBCJTfEQMRa20H6Hb6jClJ54QpeQHe-bZuR52yvczyiqwrEossou9o-xL3NNCegjBFm3gDvJ9NGXgJAI8UAarNaslpmmo_fsAmU6gKu2_OGagMSGolD2zeb8-OH5unICyEHyEn3uFRBTht4UZfk0aIzDV7Zfrc2HjtTrqCjA_mj5x8GEav_lplyMXZIA4RxXWproYE8TAzQfd09wns-ToGMi2Cn_er7i1jSSr3goV3GFK7sbLl98a3VDY9fZYiCbVdkMPfrUaIiiHhFKm5iXNgz5Ih_wKxErYEa__OX-tfBFJw2NBYGcIvS4_82F3-GdhYzt9vmWBgeK2I0aAWe8JqUmHzHu9OM3bpfUKCi9ajtu6e6gUjUIvoDZVlL2LObB3EUsE7CkwE666dTrhihzwIR6csl2ZdX94EZjoF89RqNYFU5Sq6jzMTJNJIbLTvdqDxG6YIGC0t6vAn_BijREOYOwrJ6s4d1vYBsmnMKRBSXThJMUSZNzRgb_lCJ8f1Zh4NV0KlGRmClbjG3iHJGEJPERGP35LrT9DyO_vdmzmTl3YBhgqW74H_OwAloQ_PLsUNKNC6KQWwJC_pC_EKUnAwY62JjWdWeEvIS2gsEZcp_KgJvp85Git5xC8DvQZL7dTjfB1fWmIZgC0MAA-afIMgc8jPs39d9dr2APTaVe2yWQ5IejSWTCxkMxdF2MPzoqDQ6Ap2m-sgYfeQVpovhYIYAY0pQDQsogEVI6y64yt-OGwUlm4kVDKPigTYcTpV02hJ75pwVp9Zbso7nLR2OXEde98Joanj0BHKddQI5BbTRzwiwmzzGHlqa6ePWw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://qa.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 10:09:54	Name: _bit Value: m88d2C-0d5d5485b2024208fd-00N
.google.com/	1970-01-20 15:20:28	Name: __Secure-ENID Value: 6.SE=fjX6rjGRcvl_AHNvstrITNlWdlaod0aYtm6F73nin3zj6aET8-YXfGnw5xcFKjm_wmaSrip2ZZacMFSctttnVRtDDtCF6FBhKQ7TUwpouSbr-T4UmgPccgoCYDlo6NgtwfE2WgooJfI6RG7dF-2sfY0gKjZ3YL3GIUmysH-gQNY
.google.com/	1970-01-20 15:26:42	Name: CONSENT Value: PENDING+225
qa.aly2um.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5594f9da0e3bbc4714aca7136b2040cf
qa.aly2um.com/	1970-01-20 05:53:34	Name: qa_key Value: qecl7wrru2rabseczh5zqo40lthdnza8
.aly2um.com/	1970-01-20 15:26:42	Name: _ga Value: GA1.2.1215402833.1662642160
.aly2um.com/	1970-01-20 05:52:08	Name: _gid Value: GA1.2.1403626847.1662642160
.aly2um.com/	1970-01-20 05:50:42	Name: _gat_gtag_UA_237003713_1 Value: 1
.aly2um.com/	1970-01-20 15:12:18	Name: __gads Value: ID=543d3b431dc67b05-2253f49415ce0042:T=1662642159:RT=1662642159:S=ALNI_Ma7eMYSOsC7Po1TvXqEQmDuFjdS0A
.aly2um.com/	1970-01-20 05:50:43	Name: __cf_bm Value: qYB6eGpWpnplXb_gKfEBUENpD4etsyk7aA5dg6xpr9w-1662642160-0-AaBy/HbTLf1qb7j6uQolsT7+vmQRWH4OJ8XGN8GFAfGl1Dg7xD/qIOVH95VLDM8sgC/QhcOqliyjpxMDgudYC/4Yw3CJxxArTdmbjMySwhCP6iYK2/AujlvFvrjMSrUiQA==
.doubleclick.net/	1970-01-20 15:12:18	Name: IDE Value: AHWqTUmyw_Hu1-z3h_6GKFQbqTmtK-5cENriUYq8TbqE6xJY5N752u07c3uJ70qh1zI
.casalemedia.com/	1970-01-20 14:36:18	Name: CMID Value: Yxnn8czJp5dqOzAziuVRXQAA
.casalemedia.com/	1970-01-20 08:00:18	Name: CMPS Value: 5138
.casalemedia.com/	1970-01-20 08:00:18	Name: CMPRO Value: 5138
.adnxs.com/	1970-01-20 08:00:18	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlewvZS=!]tbPl1M>e)ZlrFUfJ+tGXxoaI6`%bb?PoBVF+Rm@k3`V^1:BMaaU<[h^)MV3If)y3KL9D3I?+B*e'2r
.quantserve.com/	1970-01-20 08:00:18	Name: d Value: EDkBCQGGJ4EA
.quantserve.com/	1970-01-20 15:20:56	Name: mc Value: 6319e7f1-4b6ea-10d3f-0bcca
.casalemedia.com/	1970-01-20 08:00:18	Name: CMTS Value: 5145
.adnxs.com/	1970-01-20 08:00:18	Name: uuid2 Value: 1517567567139740618
.e.dlx.addthis.com/	1970-01-20 15:20:56	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:20:56	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 06:33:54	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 06:33:54	Name: na_sr Value: 20220908
.dlx.addthis.com/	1970-01-20 05:50:42	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 06:33:54	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 15:20:56	Name: na_id Value: 2022090813024200061981901484
.addthis.com/	1970-01-20 15:20:56	Name: uid Value: 6319e7f22fe469bb
.addthis.com/	1970-01-20 15:20:56	Name: ouid Value: 6319e7f200016c38cd49898a31cb269c86d3b70e6758e2809545

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4DYg-t_5BkYhtk90VbOPtSUafSsNenV4uNMp48cfwqYa9_j20Mr2Tyrq7SAhoaMJx0CMn2sjI2gTZlm0YJZdHJdS7BTmeao&google_gid=CAESEAVunluCsykiRXoAryZ7R2w&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bit.ly
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
mts0.google.com
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
powahtoys.com
qa.aly2um.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.19.126
122.128.105.117
142.250.184.194
142.250.185.194
142.250.185.66
185.64.190.78
23.7.201.234
2600:1f13:800:7782:ef30:5aef:8f46:e8d3
2600:9000:223f:1e00:8:48e:53c0:93a1
2606:4700:3030::6815:3954
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2006
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:801::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a00:1450:400e:800::200a
2a06:98c1:3121::c
35.186.253.211
35.244.174.68
37.252.173.22
52.17.188.115
52.211.246.129
67.199.248.11
69.173.144.138
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
03432474ec9f60ee729e17904a239e0b37cd07468e2c9809e5cc2a166e1a8e9d
034ae21739010d774ace7bbcaaf86ab1bf8c1f7af87eddb952a15345d4115154
069b1d320215b1b841cdd04ec7cd4d8e7406bfa804b03231244ca95877ea0dba
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f7c46aab0f042d4e5ca4a2be0ceb31b12c3670dda99d41d57e789fcb028963d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
223699d3b640bd75dd3c7615cbbf5c37bfead5c28bfcf807c5ada05d021cbdf7
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
277261cce4cf3ecea81b535dab0f81d27a9df3f8c02170f49237e3437fe76765
29e95cc356a091a7843c1a459efa0ebbfa5256601adf4d5396a3df030f13f6f7
2c335ea063e90161b55fa600cf469c4652a2663733dd7549511af291504d3916
38435f666054cc73e68ed24f7c1d0582533c58beb3daeac9c2353b9e3b70bb46
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
436075fc0dda8a11aac078f6e27aedde578c04ea9a9dd02134a1a2d00343018b
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
476e4379a0ef1b75a78f9d8df86027b89ace5ec01d16bc3e15f7d851b362529d
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
5274190adf363a0500f3b127838936373d5fbd4c717d60c58d974318d1acc2bb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585aabd899edffe4cffa8c055e5b0ce9394022a443ddce7aaa29eb84a3d8a198
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
69886818ed38cb023e049fe78461dbf8f38b87784498d6ffb87b8933932e5907
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
761cf86e47c25878fc2eaca46854bf0cdadfa30ea2202d034b9ef74b57840ec0
7d3f0c278eba7ca4904ef08e954e5d21231a363ddf14d74592de748ec54aa299
7e508d201accb5600e414e6e700aa56eb05d8c572a82f708cfc156834caa442e
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a711420f555136caf18ad4466aed0f11e2da7b05961e62751954b660222cb92
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c5cd3351a343011cbc0046d12c2b8bc8d7a968a09009ddb117fb1dc49fd1333
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
aa3777d578531c63cb5b48a28d1f0135a9769ca2ee44ae916aadb341089140e1
adf3df81d4eee382cd842b483a71d4b87c94eca18449341fdeda719346aba1df
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bfc613b5b1d126af6d5fb0ad87d9a6be84f4175c5ff1fa2a11fd9bfc2646eabf
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
c84c1026e0a4c60ec0ee85c8b41c1904144aa63184260c95840924b42bd32d33
ca03d153db387c54be71a973201bf9e461a5546ecd43a8fc9919c8297caa5218
cac5f3269aef806bc9112e8868357bfb9dbb4530a028dc0fb7c4508b2eea8d84
ce8d9891902e2f7c5bc2f0ef659444e23f1de3e07a7a17bcf715997385cfa60c
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e370c81321b940bfffa16037e9e0c265b2256ff4d545d9768dba9ee441392588
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bd8351a70f5ad258d6ff6ad69a39f7cf3e892621971a00a3e8ab2274b1c00d
e5474df3e5c7c308555d215a3678fd756ced7ceded39063c36587f529955695e
e6e1982854b798d9fd7eee3bfb6100889d0cef4befe64d4a8d1a6f42e3c2e216
e6eeaa5674c18d7848c4d9957dafc977af013b9633a624f3b14112047c73bce7
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ed0a8602e62121e2c945e3190cd25cb00877c41b1483d66541a49486c4d928b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1904a820a1f4b161f319ff251a5b500ea177e6aaf15811e5ba06e4683083f20
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

qa.aly2um.com Open in urlscan Pro 2606:4700:3030::6815:3954 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

90 %HTTPS

58 %IPv6

25 Domains

34 Subdomains

29 IPs

7 Countries

1198 kBTransfer

2916 kBSize

28 Cookies

2 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

qa.aly2um.com Open in urlscan Pro
2606:4700:3030::6815:3954 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

90 %
HTTPS

58 %
IPv6

25
Domains

34
Subdomains

29
IPs

7
Countries

1198 kB
Transfer

2916 kB
Size

28
Cookies

122 HTTP transactions
6 data transactions