zin.aly2um.com Open in urlscan Pro
2606:4700:3030::6815:3954 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://upfasia.org/home/email/*
Effective URL:
https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-fro...
Submission: On December 13 via automatic, source openphish (December 13th 2022, 1:20:15 pm UTC) — Scanned from DE

Summary HTTP 146 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 33 IPs in 7 countries across 45 domains to perform 146 HTTP transactions. The main IP is 2606:4700:3030::6815:3954, located in United States and belongs to CLOUDFLARENET, US. The main domain is zin.aly2um.com.
TLS certificate: Issued by E1 on November 26th 2022. Valid for: 3 months.

This is the only time zin.aly2um.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.149.112.124 185.149.112.124	55293 (A2HOSTING) (A2HOSTING)
1	172.96.189.69 172.96.189.69	20068 (HAWKHOST) (HAWKHOST)
4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1 6	2606:4700:303... 2606:4700:3030::6815:3954	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:3a73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700:303... 2606:4700:3037::ac43:a190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:2799:7e74:3a60:9ac2	16509 (AMAZON-02) (AMAZON-02)
1 21	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	2600:9000:20e... 2600:9000:20eb:9000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.209.22.234 52.209.22.234	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2 2	3.68.131.166 3.68.131.166	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
9	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4 4	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
1 1	95.100.75.47 95.100.75.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:1f82:7aa0:f039:aca9	16509 (AMAZON-02) (AMAZON-02)
5 5	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
1	185.86.137.108 185.86.137.108	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
146	33

1 185.149.112.124 (United States)

ASN55293 (A2HOSTING, US)
PTR: server.jobtrendzdgtl.com

upfasia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.96.189.69 (United States)

ASN20068 (HAWKHOST, CA)
PTR: 172.96.189.69-static.reverse.arandomserver.com

qis.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6815:3954 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

qa.aly2um.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zin.aly2um.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3a73 (United States)

ASN13335 (CLOUDFLARENET, US)

document.show	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3037::ac43:a190 (United States)

ASN13335 (CLOUDFLARENET, US)

zin.aly2um.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:2799:7e74:3a60:9ac2 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:9000:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.22.234 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-22-234.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.131.166 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-131-166.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.6 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.75.47 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-75-47.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:1f82:7aa0:f039:aca9 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.19.147.44 (United Kingdom) 5 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 ad.doubleclick.net — Cisco Umbrella Rank: 164	119 KB
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	384 KB
17	aly2um.com 1 redirects qa.aly2um.com zin.aly2um.com	112 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 39598 ad4m.at — Cisco Umbrella Rank: 13213 assets.ad4m.at — Cisco Umbrella Rank: 53836	390 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	182 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	187 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 503	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	128 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 795 s.tribalfusion.com — Cisco Umbrella Rank: 1875	1 KB
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 936	1 KB
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 951	417 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 644	798 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 743 r.turn.com — Cisco Umbrella Rank: 3406	869 B
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 100007	681 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 102606	440 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 727	677 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 718	2 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 430	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 350	959 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2400	789 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5026	647 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 323	529 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 16255	556 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2681	104 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 803	75 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1505	296 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 83918	1 KB
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16963	694 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 127691	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 119303	1 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1545	350 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1918	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 61397	612 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 447	863 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 677	442 B
1	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 129094
1	google.de adservice.google.de — Cisco Umbrella Rank: 11832	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 840	694 B
1	document.show document.show	713 B
1	qis.is qis.is	777 B
1	upfasia.org upfasia.org	813 B
146	45

	Domain	Requested by
21	cm.g.doubleclick.net	1 redirects zin.aly2um.com googleads.g.doubleclick.net
21	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	zin.aly2um.com	www.google.com zin.aly2um.com upfasia.org
14	pagead2.googlesyndication.com	zin.aly2um.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com upfasia.org googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
6	assets.ad4m.at	as.ad4m.at
4	ad.doubleclick.net	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	www.googletagservices.com	googleads.g.doubleclick.net
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.google.com	qis.is googleads.g.doubleclick.net tpc.googlesyndication.com
3	sync.1rx.io	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	zin.aly2um.com document.show www.googletagmanager.com
2	sync.targeting.unrulymedia.com	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	onetag-sys.com	2 redirects
2	pm.w55c.net	2 redirects
2	secure.adnxs.com	2 redirects
2	eb2.3lift.com	2 redirects
2	match.360yield.com	2 redirects
2	d5p.de17a.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	rtb.openx.net	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	prod-rtb.ad4mat.net	upfasia.org
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	document.show	zin.aly2um.com
1	qa.aly2um.com	1 redirects
1	qis.is	upfasia.org
1	upfasia.org
146	55

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
cutlinks.ca cPanel, Inc. Certification Authority	`2022-12-12` - `2023-03-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.aly2um.com E1	`2022-11-26` - `2023-02-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.document.show GTS CA 1P5	`2022-10-15` - `2023-01-13`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-10-15` - `2023-01-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-10-16` - `2023-01-14`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
Frame ID: 802BC6B53EAB9D5C23112B643BE53349
Requests: 31 HTTP requests in this frame

Frame: https://zin.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1670932800
Frame ID: 1976F62A3B68A390E8B6FA7EC5DE88A6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: E755EFE94D56DD3A029F68138EFCF30B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&adk=1812271804&adf=3025194257&lmt=1670937610&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610061&bpp=4&bdt=243&idt=190&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1374757132781&frm=20&pv=2&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=212
Frame ID: B086AC41CC414AC7C8FBA9B2F4F8D172
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1670937610&format=320x640&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610065&bpp=1&bdt=246&idt=423&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YAkMvPlUZD&p=https%3A//zin.aly2um.com&dtd=428
Frame ID: 4C32EA9DC651B292E45EFA397D999939
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442
Frame ID: 9BCCCC8CE04AAF80EF8B9FB8225B598D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=1494116191&adf=318908456&pi=t.ma~as.8056121513&w=708&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=708x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610068&bpp=1&bdt=250&idt=447&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKEU3RRVTo&p=https%3A//zin.aly2um.com&dtd=451
Frame ID: D79776C48E1AD8B17EFBE79AAD241B65
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458
Frame ID: DC3CEDE67B2BF3EDA85178E8AC4E7F2D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C1GvhCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSwAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWU0GGRxWgfIjyKO6owqfWeJnVJsPc8sIReEqCLGQITPhTANnXbXCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgxMjgwNTU2MjM3OTA1NjYYAA&sigh=edZbXgHRtYc&uach_m=[UACH]&cid=CAQSKQDq26N9i-uKF49385eP40kgh2ovIBwIW9rALmKqq7wt5KUMB6qXacb0GAEgEw
Frame ID: 0BFF738720310990643DAACEFB04EC5B
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hghz6gqk7vjdgmfdvrbz9bvesm47ngs9cz1cydzsf7vm7ntk1y5zqjw5esq37t75p8gfr8g2hrh7tekfe22gz87bv26xv7sssrbw0zm9tqk84whek7wtgn1mjrze859gv3e2szwczf40ccxk6zjdyxqtrmgf2hbx43mhh6aapnkw3tge45fymgpzg4pj6bp1bs4r8m28jkhec55ncmhcttyyx4c0gj9n8g77xvr710z0xc9ygrr3vpk0y1e36ek7qhc5s8rnxww3f0s0r0wphbnv9w9e7etsjnaf3e612sbvpq00e7tj18xp07kznmmn18zn8j84ce0j2g1yqytk70y0qt9sbfa479nv03h0gk3vn1sz55pm8drta64q48bvaggge94ec5xe8maypd1fgqse7da553mfkejdddjqj9yydc6qv1kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%26client%3Dca-pub-8128055623790566%26adurl%3D
Frame ID: 695E0241CF6900801AEC4EF1A0D52C03
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3AA6646894ADC086E64585CBDB10E9A0
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 83391AF3781BC9E109EAF58C65ECE975
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6292CC674848A0F83242DE83336D88CA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 348A56A27BA204B9EFD68D11AADACCCA
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0
Frame ID: 15F5FCEFDDCC52DDB4CAB3CB21F65BB5
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A697D317AA833E620D01005FDD33F459
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F0A60FEF1ECE2DCE546F24B1F6C3C74
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 8AC1EB1F783A3BFF1823F66402C876C9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 0380E791852B74E55C1E3084161533D0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 55C8A2F728EFD57DEE0BD4FDAA9A2439
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 76567AF3F5F134CD870E6320C8A1CD07
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

What are the ways to profit from the Internet? - Aly2um Q&A

Page URL History Show full URLs

http://upfasia.org/home/email/* Page URL
https://qis.is/63H5U Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjO8eX6-ZH7AhULQvEDHahhB18... Page URL
https://qa.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?show=283 HTTP 301
https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-th... Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

146
Requests

85 %
HTTPS

53 %
IPv6

45
Domains

55
Subdomains

33
IPs

7
Countries

1537 kB
Transfer

3327 kB
Size

44
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://upfasia.org/home/email/* Page URL
https://qis.is/63H5U Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjO8eX6-ZH7AhULQvEDHahhB18QFnoECAkQAQ&url=https%3A%2F%2Fqa.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fshow%3D283&usg=AOvVaw3kfKiVK6AH5fw9aeQcyNi5 Page URL
https://qa.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?show=283 HTTP 301
https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC1bbsbjmtvPKEj20cYZ72E&google_cver=1&google_push=AavPq0Msf3uRpB5POXq4q-J4_cAEDe8XPx8jMI5WeJ-DiEdi_s6LEwbAr7BItGihVWwf9hERfQu9Eci45PnhltNFtiZFtTUi9YIe6Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Msf3uRpB5POXq4q-J4_cAEDe8XPx8jMI5WeJ-DiEdi_s6LEwbAr7BItGihVWwf9hERfQu9Eci45PnhltNFtiZFtTUi9YIe6Q&google_hm=eS01MlVqb0cxRTJwRUp4ZUpEd3J2Z1piU1ZhbXlTMWpQX35B

Request Chain 45

https://d5p.de17a.com/cookies/google?google_gid=CAESEDHBE2ug8So7OdVLDTrhNiw&google_cver=1&google_push=AavPq0Mfs0mg4apxD9_MHg1GNqqSXUmaGWcUVmzP8oK7-Vy1jqVS5ppnaf1Gip5rZe762_qDNfE6XG65D8WBzXzDCFUnci9tKdSS HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDHBE2ug8So7OdVLDTrhNiw&google_cver=1&google_push=AavPq0Mfs0mg4apxD9_MHg1GNqqSXUmaGWcUVmzP8oK7-Vy1jqVS5ppnaf1Gip5rZe762_qDNfE6XG65D8WBzXzDCFUnci9tKdSS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Mfs0mg4apxD9_MHg1GNqqSXUmaGWcUVmzP8oK7-Vy1jqVS5ppnaf1Gip5rZe762_qDNfE6XG65D8WBzXzDCFUnci9tKdSS

Request Chain 46

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBXQu0-jqIXpHpYQ33VkygQ&google_cver=1&google_push=AavPq0NNGAi9ppme9y5Eh_st1dR-bFjgVrTZ9cZJwyXFGd3_5aNwM3fiZcwxeKZy_QzhKMWQ4dHUaammfbIF4ycn5RtkLo94RLwgZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NNGAi9ppme9y5Eh_st1dR-bFjgVrTZ9cZJwyXFGd3_5aNwM3fiZcwxeKZy_QzhKMWQ4dHUaammfbIF4ycn5RtkLo94RLwgZA

Request Chain 47

https://match.360yield.com/match/ebda?google_gid=CAESEMp_trWJb_owys8pAtIHYSo&google_cver=1&google_push=AavPq0M2GQdTCNEv_8GOPebvqC-FOkXJ6zDU2084oGdXZgU2atRXla4RtngIVtXy-kInZhojxVQhoUUUSLvZmGDz8RWpNtdBzkLX HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMp_trWJb_owys8pAtIHYSo&google_cver=1&google_push=AavPq0M2GQdTCNEv_8GOPebvqC-FOkXJ6zDU2084oGdXZgU2atRXla4RtngIVtXy-kInZhojxVQhoUUUSLvZmGDz8RWpNtdBzkLX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3OFqP0qVT0msTbpdrFPyKQ&google_push=AavPq0M2GQdTCNEv_8GOPebvqC-FOkXJ6zDU2084oGdXZgU2atRXla4RtngIVtXy-kInZhojxVQhoUUUSLvZmGDz8RWpNtdBzkLX

Request Chain 48

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF6I64D8ks4zisXKdVTCgCY&google_cver=1&google_push=AavPq0PfWjlWqqiYKDBGHvga5lwN187oaAAQIIhhKmlY3wdpGZu6drFkD5LBGdLYl7FG6phq5JCyAcOgS6MDKorQZmxkC0Y_Qry1QA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PfWjlWqqiYKDBGHvga5lwN187oaAAQIIhhKmlY3wdpGZu6drFkD5LBGdLYl7FG6phq5JCyAcOgS6MDKorQZmxkC0Y_Qry1QA&google_gid=CAESEF6I64D8ks4zisXKdVTCgCY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE3NDEzMzU3NTM1Nzk2MTQxOTQ1NA%3D%3D&google_push=AavPq0PfWjlWqqiYKDBGHvga5lwN187oaAAQIIhhKmlY3wdpGZu6drFkD5LBGdLYl7FG6phq5JCyAcOgS6MDKorQZmxkC0Y_Qry1QA

Request Chain 49

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAyrRFZi3_PWvdTXjEE2aYY&google_cver=1&google_push=AavPq0OmpmcT_Pp2RURA6HVBi2FGUEcMPnE8-2CV64TjcgBBiWpVcft9z1YGehIUmts3JAchcMpxvN5q-L7GJNJ0IBGQfwb1lZ2Ms1A HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEAyrRFZi3_PWvdTXjEE2aYY%26google_cver%3D1%26google_push%3DAavPq0OmpmcT_Pp2RURA6HVBi2FGUEcMPnE8-2CV64TjcgBBiWpVcft9z1YGehIUmts3JAchcMpxvN5q-L7GJNJ0IBGQfwb1lZ2Ms1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQ4MzQzODk5MzUwNDM1Mjk1Mg%3D%3D&google_gid=CAESEAyrRFZi3_PWvdTXjEE2aYY&google_cver=1&google_push=AavPq0OmpmcT_Pp2RURA6HVBi2FGUEcMPnE8-2CV64TjcgBBiWpVcft9z1YGehIUmts3JAchcMpxvN5q-L7GJNJ0IBGQfwb1lZ2Ms1A

Request Chain 69

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJGlEa3lLFI-pgOblmU11f0&google_cver=1&google_push=ASkJ3FbbDhVjG7XLct8sl4zQTv--K11i1SNXO7otTpgUZE3KMeSTaM1oO8h1F62jGwdeEsnOVQngqDjN03DiXLDBS36YZC8t3tT4bOM HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJGlEa3lLFI-pgOblmU11f0&google_cver=1&google_push=ASkJ3FbbDhVjG7XLct8sl4zQTv--K11i1SNXO7otTpgUZE3KMeSTaM1oO8h1F62jGwdeEsnOVQngqDjN03DiXLDBS36YZC8t3tT4bOM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWxFbkZEa3kxUDU1Y0Q1&google_gid=CAESEJGlEa3lLFI-pgOblmU11f0&google_cver=1&google_push=ASkJ3FbbDhVjG7XLct8sl4zQTv--K11i1SNXO7otTpgUZE3KMeSTaM1oO8h1F62jGwdeEsnOVQngqDjN03DiXLDBS36YZC8t3tT4bOM

Request Chain 70

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBfGUYXHta2D_3Lvh4RQ-Ys&google_cver=1&google_push=ASkJ3FZcIUMKSzMHJhB0g9SYf8b_AmQvhAXv1c2aEVZaKynsDkH1eO_sSy3Ix7pOrJjlPJKsF8c3lJJZoBDVx_UUetQLvsFQP-kyrXc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZcIUMKSzMHJhB0g9SYf8b_AmQvhAXv1c2aEVZaKynsDkH1eO_sSy3Ix7pOrJjlPJKsF8c3lJJZoBDVx_UUetQLvsFQP-kyrXc

Request Chain 71

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELREaY0S4KPi8OApJEsLJz4&google_cver=1&google_push=ASkJ3Fb9hSJOs-3CxJW0uSriVVa_IuNlE8MYeJnfsiJGxkUmqfO5U8SCZvAtHqHUnZHT85XyYqQnUd_j9swxqwYQmpAXXdVxwoqAnU8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3Fb9hSJOs-3CxJW0uSriVVa_IuNlE8MYeJnfsiJGxkUmqfO5U8SCZvAtHqHUnZHT85XyYqQnUd_j9swxqwYQmpAXXdVxwoqAnU8&google_hm=VgGjozbBT96M_3ziFQF6Yyw

Request Chain 73

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGg2HmKuu86v3v3Yt3NuPq4&google_cver=1&google_push=ASkJ3FaFKc3OAfukWKT2EWvZuM2b6_GblSrfIjLE5NtEfiCcjtQFzNCrDqjnuovNtdRSBmA-2SicrdIrYz1IYsKlDX-pPb4NZPcqWw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaFKc3OAfukWKT2EWvZuM2b6_GblSrfIjLE5NtEfiCcjtQFzNCrDqjnuovNtdRSBmA-2SicrdIrYz1IYsKlDX-pPb4NZPcqWw&google_hm=eS1ISHlHSW5aRTJwR3ZEOFltX01mSnFrTzFiYUJKV2ZRQX5B

Request Chain 75

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO4trDRkIwVHJp9pbSXltBA&google_cver=1&google_push=ASkJ3FYnEGqyrmpq09E8YUx3FCsSPM2sUkiZYFnBydSYikGBOYPAnn1bF_swguXRIQFloKu8G5Dfi96Htcs_rnSCW72BHYPWfRB6hR8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYnEGqyrmpq09E8YUx3FCsSPM2sUkiZYFnBydSYikGBOYPAnn1bF_swguXRIQFloKu8G5Dfi96Htcs_rnSCW72BHYPWfRB6hR8

Request Chain 85

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPGiktbX9vsCFQ0b4AodRa0Nkg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022121314201179466590193X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121314201179466590193X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218

Request Chain 88

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CNmlktbX9vsCFZyXdwodSVcMMQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dreach_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121314201179466590195X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

Request Chain 91

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1670937611_df390210-7ae8-11ed-9f2f-2266c0ccb091&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 111

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC425pA2MTasfjoLja_o2zo&google_cver=1&google_push=ASkJ3FbN8ZZMJirI6_EIDaKSelRFJ03_z9fN6VRwPdhDhLebirCU4kfJ3jvuKWNgf5KIry9KUErX3lTXChCocIvqUEoXjOq6mFIzdQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA0NDc0Mzk2MzY3NDExMDIzNQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEClIJfN0TnzaQNoNKx7zpeU&google_cver=1

Request Chain 115

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGEtX8MXQe4Nxj3jSz2gXLs&google_cver=1&google_push=ASkJ3FYSITDZ1VfhL6d0fPmmDhHbS4DWJPUl2Cgw6LxvlVZCy4Lq6Y59hZLYqBLmfg6nmwf2Ec46yHYos9mODREE3hNbBNQc84BcLRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYSITDZ1VfhL6d0fPmmDhHbS4DWJPUl2Cgw6LxvlVZCy4Lq6Y59hZLYqBLmfg6nmwf2Ec46yHYos9mODREE3hNbBNQc84BcLRk

Request Chain 116

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELpldrmaBjTaKlBGew-PCWc&google_cver=1&google_push=ASkJ3FbHo_QLgigAsrC3CyFIo_kXYBPj9lh99nXPRgYsOkHOMznTpvfp4ZadkpGNgT1nDweX2PAXWRixaNpJz9STPoFOUDi8_kDT1sI HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FbHo_QLgigAsrC3CyFIo_kXYBPj9lh99nXPRgYsOkHOMznTpvfp4ZadkpGNgT1nDweX2PAXWRixaNpJz9STPoFOUDi8_kDT1sI&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1670937611563 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-99563dfd-7979-43f8-87e7-574e1715eeea-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FbHo_QLgigAsrC3CyFIo_kXYBPj9lh99nXPRgYsOkHOMznTpvfp4ZadkpGNgT1nDweX2PAXWRixaNpJz9STPoFOUDi8_kDT1sI%26google_hm%3DA5lWPf15eUP4h-dXThcV7uo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbHo_QLgigAsrC3CyFIo_kXYBPj9lh99nXPRgYsOkHOMznTpvfp4ZadkpGNgT1nDweX2PAXWRixaNpJz9STPoFOUDi8_kDT1sI&google_hm=A5lWPf15eUP4h-dXThcV7uo

Request Chain 130

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELFhklS3xRjS0opa30O54Sk&google_cver=1&google_push=ASkJ3FZRDlbwizwnffnTWIucKLCAFJdrhmQGBHQM8dZbi0CHLnIsRsoUx7PQQDScHjolfkkE-DpbdSZfaWuZ53gxnxJSbxnUwnzFNFyr HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZRDlbwizwnffnTWIucKLCAFJdrhmQGBHQM8dZbi0CHLnIsRsoUx7PQQDScHjolfkkE-DpbdSZfaWuZ53gxnxJSbxnUwnzFNFyr&google_hm=1eJMbCtXBWR60ule1RUnuQ

Request Chain 132

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGulKU7wlLc7dUAdmpIlwko&google_cver=1&google_push=ASkJ3FYHHFZGZjQIBmX86fQ5waHCo1mt_kkC8HNGd5U0OHrFBvn2TLOY5sLLQWJBYUoh3JyCiG7CzKOjUgvOTLaqiNtSThP0YL96aT9t&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYHHFZGZjQIBmX86fQ5waHCo1mt_kkC8HNGd5U0OHrFBvn2TLOY5sLLQWJBYUoh3JyCiG7CzKOjUgvOTLaqiNtSThP0YL96aT9t%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGulKU7wlLc7dUAdmpIlwko&google_cver=1&google_push=ASkJ3FYHHFZGZjQIBmX86fQ5waHCo1mt_kkC8HNGd5U0OHrFBvn2TLOY5sLLQWJBYUoh3JyCiG7CzKOjUgvOTLaqiNtSThP0YL96aT9t&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYHHFZGZjQIBmX86fQ5waHCo1mt_kkC8HNGd5U0OHrFBvn2TLOY5sLLQWJBYUoh3JyCiG7CzKOjUgvOTLaqiNtSThP0YL96aT9t%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 134

https://ads.travelaudience.com/google_pixel?google_gid=CAESEE4O84mA6-nErKfh7yJGK1E&google_cver=1&google_push=ASkJ3FZhAr1Ex_VhQLJE7Yqs048Du718k6G_5oe_RmOsO8u2qopF_L80OGZUfX7hQ7guZECNT91jFzf6dSGVZrYja8TFyOvZczheqZI HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hJlUk21lSSKWY8CEKazhzg2&google_push=ASkJ3FZhAr1Ex_VhQLJE7Yqs048Du718k6G_5oe_RmOsO8u2qopF_L80OGZUfX7hQ7guZECNT91jFzf6dSGVZrYja8TFyOvZczheqZI

Request Chain 136

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKFtSWmjQD7GY4E4JmgDbeA&google_cver=1&google_push=ASkJ3FZpiGmvUXw-bTNRjNqWCY18eUPCblLXe67Cjy2MZW8Pfhtx6i85xFq2Spq7Kd5GY6MxnYFfAankZCursANn2voPHxHIGpv8iNxn HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-99563dfd-7979-43f8-87e7-574e1715eeea-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FZpiGmvUXw-bTNRjNqWCY18eUPCblLXe67Cjy2MZW8Pfhtx6i85xFq2Spq7Kd5GY6MxnYFfAankZCursANn2voPHxHIGpv8iNxn%26google_hm%3DA5lWPf15eUP4h-dXThcV7uo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZpiGmvUXw-bTNRjNqWCY18eUPCblLXe67Cjy2MZW8Pfhtx6i85xFq2Spq7Kd5GY6MxnYFfAankZCursANn2voPHxHIGpv8iNxn&google_hm=A5lWPf15eUP4h-dXThcV7uo

146 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 403
Forbidden *
upfasia.org/home/email/ 446 B
813 B 357ms
178ms Document
text/html 185.149.112.124
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

http://upfasia.org/home/email/*

Protocol

HTTP/1.1

Server

185.149.112.124 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

server.jobtrendzdgtl.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 13:20:07 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Upgrade: h2,h2c
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK 63H5U
qis.is/ 569 B
777 B 662ms
126ms Document
text/html 172.96.189.69
HAWKHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://qis.is/63H5U
Requested by: Host: upfasia.org
URL: http://upfasia.org/home/email/*
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.189.69 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS: 172.96.189.69-static.reverse.arandomserver.com
Software: Apache /
Resource Hash

Request headers

Referer: http://upfasia.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 13:20:08 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 url
www.google.com/ 1 KB
2 KB 67ms
38ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjO8eX6-ZH7AhULQvEDHahhB18QFnoECAkQAQ&url=https%3A%2F%2Fqa.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fshow%3D283&usg=AOvVaw3kfKiVK6AH5fw9aeQcyNi5

Requested by

Host: qis.is
URL: https://qis.is/63H5U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://qis.is/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 512
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
date: Tue, 13 Dec 2022 13:20:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
pragma: no-cache
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2

200

Primary Request what-are-the-ways-to-profit-from-the-internet Show response
zin.aly2um.com/282/
Redirect Chain

https://qa.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?show=283
https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283

34 KB
8 KB

427ms
416ms

Document
text/html

2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjO8eX6-ZH7AhULQvEDHahhB18QFnoECAkQAQ&url=https%3A%2F%2Fqa.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fshow%3D283&usg=AOvVaw3kfKiVK6AH5fw9aeQcyNi5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e258310f62d770cd8ba38015ef6c7fc76e16e677b52040c1ee6df9e26c64fc

Request headers

Referer: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwjO8eX6-ZH7AhULQvEDHahhB18QFnoECAkQAQ&url=https%3A%2F%2Fqa.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fshow%3D283&usg=AOvVaw3kfKiVK6AH5fw9aeQcyNi5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 778efedabe5fbbcd-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 13 Dec 2022 13:20:09 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8dFE%2Fb9Z93eGNs12jcCxbkWG3Boi%2Fxvs5WBcrZW7fuTysSGlMI6FwWkYpYCRjrOJ6KBd%2F3fhDUzO8RCd0Nfqqf%2F9SGpH7WU6qRqDgVJ7eZpguPtk2Fu4%2FZ7fnRU9pq1DUFQ6Qqp%2FFNziugAkA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 778efed80fccbbcd-FRA
content-type: text/html; charset=iso-8859-1
date: Tue, 13 Dec 2022 13:20:09 GMT
location: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IK4INbZzIehyu6qB6EONUBj9lUpHazHxSeQIX%2BqhJ6U%2F5i7TqPLO9WO1LWTh%2Bd2Oebet4wCNmCftVWkbPBDvZD7uTb3oeOPuiopI0Qf6lZH1TAN0oZQcpSsaUBYn07qY%2FGU%2BPjmmRhtjVMlW"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
zin.aly2um.com/qa-theme/SnowFlat/ 56 KB
11 KB 49ms
43ms Stylesheet
text/css 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 28 Nov 2022 19:35:12 GMT
server: cloudflare
age: 6588
cf-polished: origSize=71322
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gp%2FN5W5tGSBiMerfTV%2BJdqNZMzGyOtnuFRJGivJcX9o5rBBvhYxTtFIm4zRk%2BUr5oByg1TETWB4FG48v48jxngZd0jrFCIUjlq3CsPkVuXr0Fy4I03z4DfKiMm8SlCfDqCukIV%2FCdRPG567HJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 778efedd7c7cbbcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
zin.aly2um.com/qa-content/ 87 KB
31 KB 41ms
38ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zin.aly2um.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 19:35:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6588
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1JfsEamW0Y5i1KQUxJT590PgrXMZ5qr7EZHYSJrOfPO%2Bt30QtYDjXM7ybiRMsY4%2BoIgQ41kPCG8MNGLYjpwZr4lWIf9DcFIR9OzDSM19wOWoRgvLKJyMUmNvy1%2Fg0Lx1BwuJQDC5FabiR0mSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778efedd7c7fbbcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qa-global.js Show response
zin.aly2um.com/qa-content/ 15 KB
4 KB 40ms
37ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zin.aly2um.com/qa-content/qa-global.js?1.8.6
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 28 Nov 2022 19:35:11 GMT
server: cloudflare
age: 6588
cf-polished: origSize=20550
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L41XS1YqTWcChbgXVmGNZHZnLhHu3Rto5kMLB8ZS46D7VSO2%2B3Gyt9sS%2Fcu3ZG0zD6Cr4d02HHpuLfxkZKmMQVV5RQqv4R%2BMuDoivOjPVkX0IkpPBwgsd3Z%2BHnx%2BI1AxddQf7pMiizwUGHyqdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778efedd7c83bbcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 snow-core.js Show response
zin.aly2um.com/qa-theme/SnowFlat/js/ 1 KB
764 B 48ms
46ms Script
application/javascript 2606:4700:3030::6815:3954
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zin.aly2um.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6.0
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:3954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d193f8da9903e7c91da94d17ab08c2e9d1a0572df88deb27682ab8751b1f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 28 Nov 2022 19:35:12 GMT
server: cloudflare
age: 6588
cf-polished: origSize=2427
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IiLhWDFn9AVvu5ciJJaGU6ElEO7aTaR5EC6iv4c%2FYOXWV%2FUk3lacCnyVr3UWaEqpBYj98YpbYqD7adgrbj8PhuRze2J7twdaWsB7IMvnfi12NFWX2ZeksDd2avExJTHYFNYw%2BwNQNeAK4PdWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778efedd7c85bbcd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 117ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Requested by

Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b90fd188d862538545441c5318ab6969e5d73a64065e6685459cf119e934b84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zin.aly2um.com/
Origin: https://zin.aly2um.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49409
x-xss-protection: 0
server: cafe
etag: 16983560900100421179
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 13:20:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 43ms
15ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Requested by

Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1983c18b5d912cebd093e95f7061c943c038213a9bf15f029d016bfac76ff70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43635
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Dec 2022 13:20:09 GMT

GET
H2 200 / Show response
document.show/ 316 B
713 B 157ms
117ms Script
text/javascript 2606:4700:3032::6815:3a73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://document.show/
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:3032::6815:3a73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd2544b1d189c79d04ea25c2494a02ce461fd3e69086f11ce10641de9282f2b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OHB%2FAUslqHmZrsGLom%2F37TD9aSGHnirIvSJb9jd1n88OyghenS7EPk%2B%2FKJhHZQLv4BhAUbCG8FAWrwiJ7o0T9yCAwTE2bQTEC%2BvS7TUP6rmz5jX10WxFO3bvP21yVkDLl8S55R2KK6aGY0b"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 778efede1ec5cb19-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3 200 fontello.woff
zin.aly2um.com/qa-theme/SnowFlat/fonts/ 7 KB
8 KB 41ms
41ms Font
font/woff 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zin.aly2um.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://zin.aly2um.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 19:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6368
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21igOdu63bjkNhtMm8MeicYUC%2FAVoMrwe8aag56pl%2FIdaqzOc0gNV7FQCeiEN0zBzY5aLQyfBzwklCODerk1LQR9BbVsUAsqhhZDbguW6tCPk7JTiRUgpRuS%2FKoFtJsr%2Bbycw7xmD%2BlSz%2BdUPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 778efeddda449c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7200

GET
H3 200 vote-buttons-3.png
zin.aly2um.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 44ms
44ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zin.aly2um.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 19:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5573
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBCUakrtPxn0cUhEr8J0lch6GMVWZWmU9fJZiYOUdVHqgNezo8nf1nygi%2B4dcmVk0N6SyNGggmYyfMIktnFaA%2FsXvgI480gq2H6kl%2BRgIGD6%2BHso9pqJhGQ53T1aMFlUW6metjoFtgXS6EjOmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 778efeddea689c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1457

GET
H3 200 answer-white.png
zin.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 49ms
48ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zin.aly2um.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 19:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1128
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDdD%2Fe%2BA4fHHBkK0awex2N9fwWCY8oTnehBtdXRLmMF5F9HdYUZO%2ByKPTt3zDyZcvSyIvDnQioY6Jyc9Bi0HNuxhPeP%2BjDscXfoQ8mu7FOdvyXtIPCqPcdC9SbNgs0X3GkCverDScS87qjtNlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 778efede1ab59c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2867

GET
H3 200 answer-select.png
zin.aly2um.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 50ms
48ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zin.aly2um.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 19:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1128
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZ5zDhgE9bftiO%2F6SeEXj%2BdLr9IrCTEYFBqnVQRXs5FZg%2BdD4UbVEqe7GTRrginVZni9Is7GQXeuvNt0OOVVPiV1B0GcjVPMbqKSmLaNYM4VmPv%2FBhUwVsAm0mK7Kkg71g3Dw41Z43kjiMSUEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 778efede1ab89c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1831

GET
H3 200 link-white.png
zin.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 48ms
46ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zin.aly2um.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 19:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1128
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtaiCX2c97EJ5cf9kGOay%2FySVFkbDQ6E%2BnFWWkGS%2FCDkp%2FfbE%2F0BRdXcY8tmBXAe6jvUJnsOBWEQQBN9YuMo5GMuQ0rmXrkx7AHyTNTYAuTJz5YeMVF2l6y6bgViqECp%2BwwLwgZwAsaLA5kOFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 778efede2abc9c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3026

GET
H3 200 comment-white.png
zin.aly2um.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 81ms
79ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zin.aly2um.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 19:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1121
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJmktAyHkPkuwJ%2B4jY7yFk9%2BMOjEjoDHYV4foyu%2FOaKJsE2Ww9%2BJOwyq6WZzETl5IkqplKTReI%2BHYSXHdHQCOtxqh%2BoxooAe0AMT50kyArtDd0rHgJF0LcNacf6w3UD5htm9aAJGHWiP0I8Uhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 778efede2abf9c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906

GET
H3 200 search-icon-white.png
zin.aly2um.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 87ms
85ms Image
image/png 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zin.aly2um.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 19:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 211
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jokoLI9RcjKE%2FfjQelGyk7GY6FSMVVA5g4cgR3FTFs0VGQvzJ2EJL5c6JeQmbdeOrXngSX4TOxgrlW76xFZp1oS5C3wziMho%2FPlfDZlgj1cdPZFgeVucnw5NvtfkkXSB7j6XOzxHAnsJyMJKaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 778efede2ac39c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1412

GET
H3 200 spinner-icon-14x14.gif
zin.aly2um.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 85ms
84ms Image
image/gif 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zin.aly2um.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Nov 2022 19:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1121
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LgjCtCns5VGO4tkDkf4IUKWk1SHwzZhSeKIh0S7f6wsiSuCn79rDWNJJwvjOD3luK0Kr4F3gI8uky2AAknjTMgpm6qC9ThM3YirCSUfz58AvbEWeu3JmY20rgdvO4Wr79WXsHt2Bbq8lc7YqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 778efede2acb9c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781

GET
H3 200 invisible.js Show response
zin.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 1976 38 KB
16 KB 45ms
45ms Script
application/javascript 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zin.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1670932800
Requested by: Host: upfasia.org
URL: http://upfasia.org/home/email/*
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 968f53d8af0537f907f3a79fcfe6a3c703da21e0167b9aeb10f3a9ae52215d0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:09 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTX1aZv6J00%2BXqGqZivSg4PpDjVYPMHVLtVajM5MBOZ8oP2Mg3FC2N0mdQv%2BhBYfpXm1u8bkMaEvovUN9JPWwAsx1lV3waUydcdftHDlhu3doYHiWg3i4WZ7FCoYXWIH%2FOrK5ATRyj%2Fp%2F6XqFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 778efede3afa9c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Dec 2022 13:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 264
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 13 Dec 2022 15:15:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 31ms
15ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=670198428&t=pageview&_s=1&dl=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=What%20are%20the%20ways%20to%20profit%20from%20the%20Internet%3F%20-%20Aly2um%20Q%26A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1039285259&gjid=1841587695&cid=2091613118.1670937610&tid=UA-237003713-1&_gid=359793695.1670937610&_r=1&gtm=2oubu0&z=1455750042

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zin.aly2um.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zin.aly2um.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 355 KB
117 KB 92ms
77ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8128055623790566&plah=zin.aly2um.com&bust=31071251

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab92107ff94aa39eee2d67a4279651ba581fcdc084fec59bfe6ee3dbc8bf5543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119791
x-xss-protection: 0
server: cafe
etag: 1909029628966522960
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 13:20:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame E755 10 KB
5 KB 28ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8128055623790566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zin.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 02:12:13 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 02:12:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pica.js
zin.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 1976 19 KB
8 KB 37ms
37ms Other
application/javascript 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zin.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f94a4148644743d23c511fd2aa4724190f39c0526a58638f1ceba396619c8f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P9LSC0B4ZdvCRa7sV1ke06Dygk2aDMSoyq3FlPo2yEOjwREq7WN58k68fTgwNU9pwCZUnc2DRaoeUNQb2bMCHQvdL%2BEQKtaC1DNrnezgMHHIlufY%2Br4YtamCPYbU%2FlYUmwwLqbwq9G4EW7CpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 778efedf1cee9c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 31ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-169264889-1

Requested by

Host: document.show
URL: https://document.show/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a94657d0b9923af189e362197b148f70eb20f1c8cf45406a7df02902e8fcaa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43633
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Dec 2022 13:20:10 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 33ms
19ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-169264889-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237003713-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f6065fa239eb492f0a6b7703edb7bb5aad77e27cb37e6895d3bdf8261d47d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43636
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Dec 2022 13:20:10 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 18ms
17ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=670198428&t=pageview&_s=1&dl=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=What%20are%20the%20ways%20to%20profit%20from%20the%20Internet%3F%20-%20Aly2um%20Q%26A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=227517762&gjid=1076553800&cid=2091613118.1670937610&tid=UA-169264889-1&_gid=359793695.1670937610&_r=1&gtm=2oubu0&z=108082633

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zin.aly2um.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zin.aly2um.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
694 B 71ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=zin.aly2um.com&callback=_gfp_s_&client=ca-pub-8128055623790566&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8128055623790566&plah=zin.aly2um.com&bust=31071251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25fbcd3c13c190447a8ab85ddf6ad1ded25521056577e9a35b7f450da39ea3d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 45ms
17ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=zin.aly2um.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 38ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zin.aly2um.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B086 0
19 B 104ms
89ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&adk=1812271804&adf=3025194257&lmt=1670937610&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610061&bpp=4&bdt=243&idt=190&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1374757132781&frm=20&pv=2&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=212

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zin.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 13:20:10 GMT
expires: Tue, 13 Dec 2022 13:20:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 778efedabe5fbbcd Show response
zin.aly2um.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 1976 2 B
670 B 60ms
60ms XHR
text/plain 2606:4700:3037::ac43:a190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zin.aly2um.com/cdn-cgi/challenge-platform/h/b/cv/result/778efedabe5fbbcd
Requested by: Host: zin.aly2um.com
URL: https://zin.aly2um.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1670932800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:a190 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhilRxinoQWxZBo6K6tsHIxwa1MF6i8YauwYCSmBF4Z88JR3Lwl0KYQDH0IcCO99CzBUbErpBcfEWYvGBbMqqCPPvbHG2zaqUJja4GR3O1Biq8gvU4HlzlZWVwsD%2FaSstwjCQKedK8sO4ccgEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 778efee199b59c12-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C32 31 KB
12 KB 326ms
325ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1670937610&format=320x640&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610065&bpp=1&bdt=246&idt=423&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YAkMvPlUZD&p=https%3A//zin.aly2um.com&dtd=428

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a8abfb66911ba859f849ca60fb06851c9b7a9b97363a90744b79aabf6b6a862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zin.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12231
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 13:20:10 GMT
expires: Tue, 13 Dec 2022 13:20:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9BCC 88 KB
32 KB 987ms
987ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5beb2db17c42e509fe230f0e872891157c09b0fb970a7215edecf9d7d6d939a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zin.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32938
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 13:20:11 GMT
expires: Tue, 13 Dec 2022 13:20:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D797 94 KB
33 KB 554ms
553ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=1494116191&adf=318908456&pi=t.ma~as.8056121513&w=708&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=708x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610068&bpp=1&bdt=250&idt=447&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKEU3RRVTo&p=https%3A//zin.aly2um.com&dtd=451

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eb826025700af48b6c9e186d2131ffd897e35f58a1f94d429a2b3b6b3330177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zin.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33860
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 13:20:11 GMT
expires: Tue, 13 Dec 2022 13:20:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC3C 89 KB
32 KB 908ms
907ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cd6362095fcf38cdab82cd857b6e357622de974af09f640a39f41af61183918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zin.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33012
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 13:20:11 GMT
expires: Tue, 13 Dec 2022 13:20:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0BFF 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1GvhCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSwAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWU0GGRxWgfIjyKO6owqfWeJnVJsPc8sIReEqCLGQITPhTANnXbXCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgxMjgwNTU2MjM3OTA1NjYYAA&sigh=edZbXgHRtYc&uach_m=[UACH]&cid=CAQSKQDq26N9i-uKF49385eP40kgh2ovIBwIW9rALmKqq7wt5KUMB6qXacb0GAEgEw

Requested by

Host: upfasia.org
URL: http://upfasia.org/home/email/*

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1670937610&format=320x640&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610065&bpp=1&bdt=246&idt=423&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YAkMvPlUZD&p=https%3A//zin.aly2um.com&dtd=428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Dec 2022 13:20:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 0BFF 0
0 50ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1ge075e884hc3xp70yeebzznb9e2af778e7bdrjb2yfff1e87dtckzhdj3y7kqv86vsv4p1krte4k5vr4pd3zjtgm1g5xam4m0c3r3jnkynkkxnptysv13n1s2356am1jnjceqbzd2366fbq4jxdgekxdmj1e2vq3rb4cwrfb901vv78a76yawbc5972sfqwwf251a0vc03mvjm45qw7t2qfaaej89e5ypqc6sx21trd9885zg4d6xs4yhjt6hbbp9fr0evgqfaed5r4v3mc1ts83f5cbdmhz6svc0yecwxsn04e37wnf7p3na30rwnryszehgdqngd3zw9bwx4v0nds4dqb70w1fncst5mmnhjejb97yjxfksymvadakzgnmen4xpxc1w&b=Y5h8CgAIEjwKmvMTAAjRTK1zdayx3OgIDQabQg
Requested by: Host: upfasia.org
URL: http://upfasia.org/home/email/*
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 13:20:10 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 695E 2 KB
3 KB 58ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hghz6gqk7vjdgmfdvrbz9bvesm47ngs9cz1cydzsf7vm7ntk1y5zqjw5esq37t75p8gfr8g2hrh7tekfe22gz87bv26xv7sssrbw0zm9tqk84whek7wtgn1mjrze859gv3e2szwczf40ccxk6zjdyxqtrmgf2hbx43mhh6aapnkw3tge45fymgpzg4pj6bp1bs4r8m28jkhec55ncmhcttyyx4c0gj9n8g77xvr710z0xc9ygrr3vpk0y1e36ek7qhc5s8rnxww3f0s0r0wphbnv9w9e7etsjnaf3e612sbvpq00e7tj18xp07kznmmn18zn8j84ce0j2g1yqytk70y0qt9sbfa479nv03h0gk3vn1sz55pm8drta64q48bvaggge94ec5xe8maypd1fgqse7da553mfkejdddjqj9yydc6qv1kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%26client%3Dca-pub-8128055623790566%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1670937610&format=320x640&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610065&bpp=1&bdt=246&idt=423&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YAkMvPlUZD&p=https%3A//zin.aly2um.com&dtd=428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d68aa4c40194f74b64af2db608e94365c7e0ebb4632654e9d49076a4759d7c03

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 778efee43a439a17-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 13:20:10 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0BFF 3 KB
1 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 12:52:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3AA6 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 11:01:36 GMT
etag: 48472445140208031
expires: Wed, 14 Dec 2022 11:01:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0BFF 18 KB
8 KB 40ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:04:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0BFF 153 KB
47 KB 61ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 13:20:10 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3AA6 70 B
265 B 106ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEMWlnI8sfTkbVSHQsoxyquY&google_cver=1&google_push=AavPq0Of_4RjnTEN5sczJxPYhVu8NWa87s7c7rIgwPDfGaY47ABSl8LbxadHl_wKcfy18J726818mEyiUne67aYKzD8nhzsMMwTJ1w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=640&slotname=2365019599&adk=931938384&adf=3674521187&pi=t.ma~as.2365019599&w=320&lmt=1670937610&format=320x640&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610065&bpp=1&bdt=246&idt=423&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YAkMvPlUZD&p=https%3A//zin.aly2um.com&dtd=428
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 13:20:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AA6
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEC1bbsbjmtvPKEj20cYZ72E&google_cver=1&google_push=AavPq0Msf3uRpB5POXq4q-J4_cAEDe8XPx8jMI5WeJ-DiEdi_s6LEwbAr7BItGihVWwf9hERfQu9Eci45PnhltNFtiZFtTU...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Msf3uRpB5POXq4q-J4_cAEDe8XPx8jMI5WeJ-DiEdi_s6LEwbAr7BItGihVWwf9hERfQu9Eci45PnhltNFtiZFtTUi9YIe6Q&google_hm=eS01MlVqb0cxRTJwRUp4...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Msf3uRpB5POXq4q-J4_cAEDe8XPx8jMI5WeJ-DiEdi_s6LEwbAr7BItGihVWwf9hERfQu9Eci45PnhltNFtiZFtTUi9YIe6Q&google_hm=eS01MlVqb0cxRTJwRUp4ZUpEd3J2Z1piU1ZhbXlTMWpQX35B

Requested by

Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 13 Dec 2022 13:20:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0Msf3uRpB5POXq4q-J4_cAEDe8XPx8jMI5WeJ-DiEdi_s6LEwbAr7BItGihVWwf9hERfQu9Eci45PnhltNFtiZFtTUi9YIe6Q&google_hm=eS01MlVqb0cxRTJwRUp4ZUpEd3J2Z1piU1ZhbXlTMWpQX35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AA6
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDHBE2ug8So7OdVLDTrhNiw&google_cver=1&google_push=AavPq0Mfs0mg4apxD9_MHg1GNqqSXUmaGWcUVmzP8oK7-Vy1jqVS5ppnaf1Gip5rZe762_qDNfE6XG65D8WBzXzDCFUnci9...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDHBE2ug8So7OdVLDTrhNiw&google_cver=1&google_push=AavPq0Mfs0mg4apxD9_MHg1GNqqSXUmaGWcUVmzP8oK7-Vy1jqVS5ppnaf1Gip5rZe762_qDNfE6XG65D8WBzXzDCFUnc...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Mfs0mg4apxD9_MHg1GNqqSXUmaGWcUVmzP8oK7-Vy1jqVS5ppnaf1Gip5rZe762_qDNfE6XG65D8WBzXzDCFUnci9tKdSS

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Mfs0mg4apxD9_MHg1GNqqSXUmaGWcUVmzP8oK7-Vy1jqVS5ppnaf1Gip5rZe762_qDNfE6XG65D8WBzXzDCFUnci9tKdSS

Requested by

Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Mfs0mg4apxD9_MHg1GNqqSXUmaGWcUVmzP8oK7-Vy1jqVS5ppnaf1Gip5rZe762_qDNfE6XG65D8WBzXzDCFUnci9tKdSS
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3AA6
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEBXQu0-jqIXpHpYQ33VkygQ&google_cver=1&google_push=AavPq0NNGAi9ppme9y5Eh_st1dR-bFjgVrTZ9cZJwyXFGd3_5aNwM3fiZcwxeKZy_QzhKMWQ4dHUaammfbIF4ycn...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NNGAi9ppme9y5Eh_st1dR-bFjgVrTZ9cZJwyXFGd3_5aNwM3fiZcwxeKZy_QzhKMWQ4dHUaammfbIF4ycn5RtkLo94RLwgZA

170 B
232 B

23ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NNGAi9ppme9y5Eh_st1dR-bFjgVrTZ9cZJwyXFGd3_5aNwM3fiZcwxeKZy_QzhKMWQ4dHUaammfbIF4ycn5RtkLo94RLwgZA

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 13 Dec 2022 13:20:10 GMT
via: 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AavPq0NNGAi9ppme9y5Eh_st1dR-bFjgVrTZ9cZJwyXFGd3_5aNwM3fiZcwxeKZy_QzhKMWQ4dHUaammfbIF4ycn5RtkLo94RLwgZA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: CihSF237UDknCKsHViQZ-yIthk25jusEMPiofWFUrCP7GHkNcXmeNQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AA6
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEMp_trWJb_owys8pAtIHYSo&google_cver=1&google_push=AavPq0M2GQdTCNEv_8GOPebvqC-FOkXJ6zDU2084oGdXZgU2atRXla4RtngIVtXy-kInZhojxVQhoUUUSLvZmGDz8RWpNt...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMp_trWJb_owys8pAtIHYSo&google_cver=1&google_push=AavPq0M2GQdTCNEv_8GOPebvqC-FOkXJ6zDU2084oGdXZgU2atRXla4RtngIVtXy-kInZhojxVQhoUUUSLvZmGDz...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3OFqP0qVT0msTbpdrFPyKQ&google_push=AavPq0M2GQdTCNEv_8GOPebvqC-FOkXJ6zDU2084oGdXZgU2atRXla4RtngIVtXy-kInZhojxVQhoUUUSLvZmGD...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3OFqP0qVT0msTbpdrFPyKQ&google_push=AavPq0M2GQdTCNEv_8GOPebvqC-FOkXJ6zDU2084oGdXZgU2atRXla4RtngIVtXy-kInZhojxVQhoUUUSLvZmGDz8RWpNtdBzkLX

Requested by

Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=3OFqP0qVT0msTbpdrFPyKQ&google_push=AavPq0M2GQdTCNEv_8GOPebvqC-FOkXJ6zDU2084oGdXZgU2atRXla4RtngIVtXy-kInZhojxVQhoUUUSLvZmGDz8RWpNtdBzkLX
access-control-allow-origin: *
date: Tue, 13 Dec 2022 13:20:11 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3AA6
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF6I64D8ks4zisXKdVTCgCY&google_cver=1&google_push=AavPq0PfWjlWqqiYKDBGHvga5lwN187oaAAQIIhhKmlY3wdpGZu6drFkD5LBGdLYl7FG6phq5JCyAcOgS6MDKorQZmxkC0Y_Qr...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PfWjlWqqiYKDBGHvga5lwN187oaAAQIIhhKmlY3wdpGZu6drFkD5LBGdLYl7FG6phq5JCyAcOgS6MDKorQZmxkC0Y_Qry...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE3NDEzMzU3NTM1Nzk2MTQxOTQ1NA%3D%3D&google_push=AavPq0PfWjlWqqiYKDBGHvga5lwN187oaAAQIIhhKmlY3wdpGZu6drFk...

170 B
329 B

22ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE3NDEzMzU3NTM1Nzk2MTQxOTQ1NA%3D%3D&google_push=AavPq0PfWjlWqqiYKDBGHvga5lwN187oaAAQIIhhKmlY3wdpGZu6drFkD5LBGdLYl7FG6phq5JCyAcOgS6MDKorQZmxkC0Y_Qry1QA

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTE3NDEzMzU3NTM1Nzk2MTQxOTQ1NA%3D%3D&google_push=AavPq0PfWjlWqqiYKDBGHvga5lwN187oaAAQIIhhKmlY3wdpGZu6drFkD5LBGdLYl7FG6phq5JCyAcOgS6MDKorQZmxkC0Y_Qry1QA
date: Tue, 13 Dec 2022 13:20:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AA6
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAyrRFZi3_PWvdTXjEE2aYY&google_cver=1&google_push=AavPq0OmpmcT_Pp2R...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEAyrRFZi3_PWvdTXjEE2aYY%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQ4MzQzODk5MzUwNDM1Mjk1Mg%3D%3D&google_gid=CAESEAyrRFZi3_PWvdTXjEE2aYY&google_cver=1&google_push=AavPq0OmpmcT_Pp2RURA6HVBi2FGUEcMPn...

170 B
188 B

37ms
22ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQ4MzQzODk5MzUwNDM1Mjk1Mg%3D%3D&google_gid=CAESEAyrRFZi3_PWvdTXjEE2aYY&google_cver=1&google_push=AavPq0OmpmcT_Pp2RURA6HVBi2FGUEcMPnE8-2CV64TjcgBBiWpVcft9z1YGehIUmts3JAchcMpxvN5q-L7GJNJ0IBGQfwb1lZ2Ms1A

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 13:20:11 GMT
AN-X-Request-Uuid: 59de08c0-a20d-49b9-8927-58b3167fc0d3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzQ4MzQzODk5MzUwNDM1Mjk1Mg%3D%3D&google_gid=CAESEAyrRFZi3_PWvdTXjEE2aYY&google_cver=1&google_push=AavPq0OmpmcT_Pp2RURA6HVBi2FGUEcMPnE8-2CV64TjcgBBiWpVcft9z1YGehIUmts3JAchcMpxvN5q-L7GJNJ0IBGQfwb1lZ2Ms1A
Connection: keep-alive
X-Proxy-Origin: 193.27.14.44; 193.27.14.44; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3AA6 0
232 B 52ms
14ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJKJf4PZp1xjce2U0mHeTDzd9yneZLNi7Am87KciOkYV_nAF11jBneFZByYroq1SGYvzuy0g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 695E 89 KB
12 KB 53ms
36ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hghz6gqk7vjdgmfdvrbz9bvesm47ngs9cz1cydzsf7vm7ntk1y5zqjw5esq37t75p8gfr8g2hrh7tekfe22gz87bv26xv7sssrbw0zm9tqk84whek7wtgn1mjrze859gv3e2szwczf40ccxk6zjdyxqtrmgf2hbx43mhh6aapnkw3tge45fymgpzg4pj6bp1bs4r8m28jkhec55ncmhcttyyx4c0gj9n8g77xvr710z0xc9ygrr3vpk0y1e36ek7qhc5s8rnxww3f0s0r0wphbnv9w9e7etsjnaf3e612sbvpq00e7tj18xp07kznmmn18zn8j84ce0j2g1yqytk70y0qt9sbfa479nv03h0gk3vn1sz55pm8drta64q48bvaggge94ec5xe8maypd1fgqse7da553mfkejdddjqj9yydc6qv1kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%26client%3Dca-pub-8128055623790566%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hghz6gqk7vjdgmfdvrbz9bvesm47ngs9cz1cydzsf7vm7ntk1y5zqjw5esq37t75p8gfr8g2hrh7tekfe22gz87bv26xv7sssrbw0zm9tqk84whek7wtgn1mjrze859gv3e2szwczf40ccxk6zjdyxqtrmgf2hbx43mhh6aapnkw3tge45fymgpzg4pj6bp1bs4r8m28jkhec55ncmhcttyyx4c0gj9n8g77xvr710z0xc9ygrr3vpk0y1e36ek7qhc5s8rnxww3f0s0r0wphbnv9w9e7etsjnaf3e612sbvpq00e7tj18xp07kznmmn18zn8j84ce0j2g1yqytk70y0qt9sbfa479nv03h0gk3vn1sz55pm8drta64q48bvaggge94ec5xe8maypd1fgqse7da553mfkejdddjqj9yydc6qv1kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%26client%3Dca-pub-8128055623790566%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 1976
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2F%2FLUQHEeBgCdLPCPOn9BALg2oDhXcYQdBpglNzRPo27J7q8ULEXIxTNKEVDywnBd%2FXiveneTBUzME74Ag46%2B8ChMVlNS%2FI%2BO3jc43nZrpqmLxjwYEv24ZGxbQkTq%2BhVtg%2BOVqlEHZs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 778efee49ee39a05-FRA
expires: Tue, 13 Dec 2022 14:20:10 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 695E 35 KB
12 KB 48ms
27ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hghz6gqk7vjdgmfdvrbz9bvesm47ngs9cz1cydzsf7vm7ntk1y5zqjw5esq37t75p8gfr8g2hrh7tekfe22gz87bv26xv7sssrbw0zm9tqk84whek7wtgn1mjrze859gv3e2szwczf40ccxk6zjdyxqtrmgf2hbx43mhh6aapnkw3tge45fymgpzg4pj6bp1bs4r8m28jkhec55ncmhcttyyx4c0gj9n8g77xvr710z0xc9ygrr3vpk0y1e36ek7qhc5s8rnxww3f0s0r0wphbnv9w9e7etsjnaf3e612sbvpq00e7tj18xp07kznmmn18zn8j84ce0j2g1yqytk70y0qt9sbfa479nv03h0gk3vn1sz55pm8drta64q48bvaggge94ec5xe8maypd1fgqse7da553mfkejdddjqj9yydc6qv1kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%26client%3Dca-pub-8128055623790566%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 25321
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DG17UiWsmBSrdr2sM%2BX7CXQTrXywbezyI1mIdqBD%2BEZbbSoEtRyZeeJOii1UcXNolBwl11i5IiexweRol%2BA84%2Bmk8I%2B%2FAND66pToWlXw3qy0a%2FoumzKrAaOHs4tQAXxR0RUHuqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 778efee49ad49a17-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 06:18:09 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 8339 2 KB
1 KB 30ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1444497
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 778efee4ef7c9a05-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 13 Dec 2022 13:20:11 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QCWUbJoW29nqy1rRk2uZJoPEB84caLLuoS8tFRXreQJjUYK9gUUYiaJ8Ui49w6dB9aOCHceaq3Gqw0NofZxX5kSnyBdQuCZXYEJhJSfg7NAYaM8kdiZ2kS%2FXhK3s2cq7RQZ310%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 695E 2 KB
2 KB 59ms
58ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6378b870ee8842f7778c6a86675bf712b950a068f8e909d944700e8b00f21ca9

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYKxT9OePrWRW%2FHItCuQr8WhCLewM2DY0CaF7DXEaKBUykg1AKwNzlauKkfMsi1wHYHd3iXpzqYEwo%2F5sefjIwIp6jHhKUquEf%2BVzoFOBrLsTdznxahSfXDFVdclg%2FWUQX3E9ms%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 778efee5cd0a922c-FRA
x-backend-server: aa-reachservice-group-europe-west1-v578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 96ms
72ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 778efee54c72922c-FRA
content-length: 24
content-type: text/plain
date: Tue, 13 Dec 2022 13:20:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ikx4jh%2BkyYAZx8AZ9KGZb99CM6aDwYnTC0vZ%2Bzh8MTxcbeBun45csUCIzzle%2FAKyemyNk9g%2F7qRtyzDCVYCvn3CZR3HBx869CO6FxJr4kajPa9Z1SfWWvvTkI4Ofyy8fSn8Xk8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-v578

GET
H2 200 css
fonts.googleapis.com/ Frame D797 6 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=1494116191&adf=318908456&pi=t.ma~as.8056121513&w=708&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=708x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610068&bpp=1&bdt=250&idt=447&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKEU3RRVTo&p=https%3A//zin.aly2um.com&dtd=451

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Dec 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 11:39:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Dec 2022 13:20:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D797 2 KB
765 B 28ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:12:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame D797 23 KB
9 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 12:41:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D797 3 KB
1 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 12:52:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D797 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmd_tCnyYY-HvId-T78EPrLyL-AKV0ODdbMawvPy4EITDyfWiDhABIIz55H9gleKQgqAHoAGvh_HAA8gBCagDAcgDywSqBLkCT9DmGU53U2iviDk880hpJbLQrTQG7ZnP6jUbt8Hn4tDx2byLNPoQfH6vKKjIyh6awN1fYmDgf4c9yr5cUaGNue7YcM2iwCy00Y3nKSVAzgEYORIAJF67mDPfn7itEbjRzz0bRX8q-TIgfvrxNzns12cDyf7Rm27oPiAul7paF8RrFxP-vxzIdhonaOA3zYHVmu6bfea7xQ3ZOrR5PmjxbHhQNMSnrFZGzqPhVK5vbmJv7T4_gwADEdCRfWEvDzeubP7uZM7ZdrVU8nkZxMa0vTIbbixm5vOUPUIX09TmMHaYrzOjwwJBAt4Z6fjIG4PQ_q0Z8M3HnlzC53NrZSqDDUReMfuR5YgrwqoJB1UeYFj0ED-HCpOwnKGXMN58XAhVgLfGRHrTx2T7N27C81EpAFGqNtu-LfKyx8AEuNDAj-oDkgUECAQYAZIFBAgFGASgBi6AB7n4jj-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCJ_wPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItODEyODA1NTYyMzc5MDU2NhgA&sigh=z5UB81x0t9w&uach_m=[UACH]&cid=CAQSKQDq26N9Bf5F41jmmeY1cHoTltexfhTTPKSEi__m7HfYah0_bYiGE9kDGAEgEw&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=1494116191&adf=318908456&pi=t.ma~as.8056121513&w=708&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=708x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610068&bpp=1&bdt=250&idt=447&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKEU3RRVTo&p=https%3A//zin.aly2um.com&dtd=451
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Dec 2022 13:20:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D797 18 KB
7 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:04:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D797 0
0 33ms
15ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_rdCbLHnwY72prewXZbnD1nAk8nnbRh-tvJXLer_O8yYqDWZmpSxPg2_S0vvWOZIbf7nPmfUKcPLTq1A-nAwj0SiOhA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=1494116191&adf=318908456&pi=t.ma~as.8056121513&w=708&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=708x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610068&bpp=1&bdt=250&idt=447&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKEU3RRVTo&p=https%3A//zin.aly2um.com&dtd=451
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D797 153 KB
47 KB 34ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 13:20:11 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame D797 34 KB
14 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 21:34:40 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16866621681641673410/ Frame D797 17 KB
17 KB 15ms
12ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16866621681641673410/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d044a2264146023baf11dbf8a92bc7b22d261fb0b28b7eba9b0800df97044da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:06:55 GMT
x-content-type-options: nosniff
age: 54796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16983
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 08:15:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 12 Dec 2023 22:06:55 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/148005111901592305/ Frame D797 3 KB
3 KB 16ms
13ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/148005111901592305/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

570601095835bf7f6804506220e0b1bfb2cb2fdd118de9133cef8c983d3a48b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 11:27:52 GMT
x-content-type-options: nosniff
age: 179539
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3301
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 05:03:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Dec 2023 11:27:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6292 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 11:01:36 GMT
etag: 48472445140208031
expires: Wed, 14 Dec 2022 11:01:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D797 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86cb6f05fa0dee255981570d03efff932e1fe1fd2e0e8827f26c0b215ee02df7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6292
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJGlEa3lLFI-pgOblmU11f0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJGlEa3lLFI-pgOblmU11f0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWxFbkZEa3kxUDU1Y0Q1&google_gid=CAESEJGlEa3lLFI-pgOblmU11f0&google_cver=1&google_push=ASkJ3FbbDhVjG7XLct8sl4zQTv--K11i1SNXO7otTpgUZE3...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWxFbkZEa3kxUDU1Y0Q1&google_gid=CAESEJGlEa3lLFI-pgOblmU11f0&google_cver=1&google_push=ASkJ3FbbDhVjG7XLct8sl4zQTv--K11i1SNXO7otTpgUZE3KMeSTaM1oO8h1F62jGwdeEsnOVQngqDjN03DiXLDBS36YZC8t3tT4bOM

Requested by

Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 13:20:11 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-01cc22a724fa3318b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWxFbkZEa3kxUDU1Y0Q1&google_gid=CAESEJGlEa3lLFI-pgOblmU11f0&google_cver=1&google_push=ASkJ3FbbDhVjG7XLct8sl4zQTv--K11i1SNXO7otTpgUZE3KMeSTaM1oO8h1F62jGwdeEsnOVQngqDjN03DiXLDBS36YZC8t3tT4bOM
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6292
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBfGUYXHta2D_3Lvh4RQ-Ys&google_cver=1&google_push=ASkJ3FZcIUMKSzMHJhB0g9SYf8b_AmQvhAXv1c2aEVZaKynsDkH1eO_sSy3Ix7pOrJjlPJKsF8c3lJJZoBDVx_UU...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZcIUMKSzMHJhB0g9SYf8b_AmQvhAXv1c2aEVZaKynsDkH1eO_sSy3Ix7pOrJjlPJKsF8c3lJJZoBDVx_UUetQLvsFQP-kyrXc

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZcIUMKSzMHJhB0g9SYf8b_AmQvhAXv1c2aEVZaKynsDkH1eO_sSy3Ix7pOrJjlPJKsF8c3lJJZoBDVx_UUetQLvsFQP-kyrXc

Requested by

Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 13 Dec 2022 13:20:11 GMT
Server: MT3 180 1fd3e2d master zrh-pixel-x2 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FZcIUMKSzMHJhB0g9SYf8b_AmQvhAXv1c2aEVZaKynsDkH1eO_sSy3Ix7pOrJjlPJKsF8c3lJJZoBDVx_UUetQLvsFQP-kyrXc
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 13 Dec 2022 13:20:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6292
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELREaY0S4KPi8OApJEsLJz4&google_cver=1&google_push=ASkJ3Fb9hSJOs-3CxJW0uSriVVa_IuNlE8MYeJnfsiJGxkUmqfO5U8SCZvAtHqHUnZHT85XyYqQnUd_j9sw...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3Fb9hSJOs-3CxJW0uSriVVa_IuNlE8MYeJnfsiJGxkUmqfO5U8SCZvAtHqHUnZHT85XyYqQnUd_j9swxqwYQmpAXXdVxwoqAnU8&google_hm=VgGjozbBT96M_3ziF...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3Fb9hSJOs-3CxJW0uSriVVa_IuNlE8MYeJnfsiJGxkUmqfO5U8SCZvAtHqHUnZHT85XyYqQnUd_j9swxqwYQmpAXXdVxwoqAnU8&google_hm=VgGjozbBT96M_3ziFQF6Yyw

Requested by

Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3Fb9hSJOs-3CxJW0uSriVVa_IuNlE8MYeJnfsiJGxkUmqfO5U8SCZvAtHqHUnZHT85XyYqQnUd_j9swxqwYQmpAXXdVxwoqAnU8&google_hm=VgGjozbBT96M_3ziFQF6Yyw
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6292 0
173 B 40ms
16ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKJgcT5liVlHJWE1gnNcJ6I&google_cver=1&google_push=ASkJ3FaNeFYziQ8Ok0Gr5XOJKDYkjgAr_K2kEiCEUAtwD1EvHDcubwTxAcHsi-ELMphKF0BlRc9wTVp0AYjlSQ96OS_SSNi8QVYGuuw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=1494116191&adf=318908456&pi=t.ma~as.8056121513&w=708&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=708x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610068&bpp=1&bdt=250&idt=447&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKEU3RRVTo&p=https%3A//zin.aly2um.com&dtd=451
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6292
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGg2HmKuu86v3v3Yt3NuPq4&google_cver=1&google_push=ASkJ3FaFKc3OAfukWKT2EWvZuM2b6_GblSrfIjLE5NtEfiCcjtQFzNCrDqjnuovNtdRSBmA-2SicrdIrYz1IYsKlDX-pPb4...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaFKc3OAfukWKT2EWvZuM2b6_GblSrfIjLE5NtEfiCcjtQFzNCrDqjnuovNtdRSBmA-2SicrdIrYz1IYsKlDX-pPb4NZPcqWw&google_hm=eS1ISHlHSW5aRTJwR3ZE...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaFKc3OAfukWKT2EWvZuM2b6_GblSrfIjLE5NtEfiCcjtQFzNCrDqjnuovNtdRSBmA-2SicrdIrYz1IYsKlDX-pPb4NZPcqWw&google_hm=eS1ISHlHSW5aRTJwR3ZEOFltX01mSnFrTzFiYUJKV2ZRQX5B

Requested by

Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 13 Dec 2022 13:20:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FaFKc3OAfukWKT2EWvZuM2b6_GblSrfIjLE5NtEfiCcjtQFzNCrDqjnuovNtdRSBmA-2SicrdIrYz1IYsKlDX-pPb4NZPcqWw&google_hm=eS1ISHlHSW5aRTJwR3ZEOFltX01mSnFrTzFiYUJKV2ZRQX5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6292 43 B
350 B 84ms
17ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDksc3ZIidsaSuLqwHpVYhg&google_cver=1&google_push=ASkJ3Faoa_JkNubnTHshpQHGz0EwyPf2YXTJsoqhd-DNJYqdYPXBlCxxi_JFqBb6XbexgOX6xYN93uhj2iFizDTEEFZmEtm_qt1yYqo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=1494116191&adf=318908456&pi=t.ma~as.8056121513&w=708&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=708x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610068&bpp=1&bdt=250&idt=447&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=2613&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=rKEU3RRVTo&p=https%3A//zin.aly2um.com&dtd=451
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 73o7ecd9stiigvt35f0fgg6jipie6u7q

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6292
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEO4trDRkIwVHJp9pbSXltBA&google_cver=1&google_push=ASkJ3FYnEGqyrmpq09E8YUx3FCsSPM2sUkiZYFnBydSYikGBOYPAnn1bF_swguXRIQFloKu8G5Dfi96Htcs_...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYnEGqyrmpq09E8YUx3FCsSPM2sUkiZYFnBydSYikGBOYPAnn1bF_swguXRIQFloKu8G5Dfi96Htcs_rnSCW72BHYPWfRB6hR8

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYnEGqyrmpq09E8YUx3FCsSPM2sUkiZYFnBydSYikGBOYPAnn1bF_swguXRIQFloKu8G5Dfi96Htcs_rnSCW72BHYPWfRB6hR8

Requested by

Host: zin.aly2um.com
URL: https://zin.aly2um.com/282/what-are-the-ways-to-profit-from-the-internet?qa-rewrite=282/what-are-the-ways-to-profit-from-the-internet&show=283

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYnEGqyrmpq09E8YUx3FCsSPM2sUkiZYFnBydSYikGBOYPAnn1bF_swguXRIQFloKu8G5Dfi96Htcs_rnSCW72BHYPWfRB6hR8
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6292 0
12 B 16ms
15ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSgxJOzuwgAfRwz6wr4szV_yx1LZocL2mCCpNeFxg0p60pJCzPNha-81eReLW07j3M2hNf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D797 15 KB
15 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 319167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:40:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D797 15 KB
16 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 74119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D797 15 KB
16 KB 24ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 409076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 19:42:15 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 348A 36 KB
16 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 15F5 9 KB
4 KB 52ms
52ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7ecc41f2b7fbe0cdd45f767bbbf92ea567eb11eb34102babdfaf9206d675ddf

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hghz6gqk7vjdgmfdvrbz9bvesm47ngs9cz1cydzsf7vm7ntk1y5zqjw5esq37t75p8gfr8g2hrh7tekfe22gz87bv26xv7sssrbw0zm9tqk84whek7wtgn1mjrze859gv3e2szwczf40ccxk6zjdyxqtrmgf2hbx43mhh6aapnkw3tge45fymgpzg4pj6bp1bs4r8m28jkhec55ncmhcttyyx4c0gj9n8g77xvr710z0xc9ygrr3vpk0y1e36ek7qhc5s8rnxww3f0s0r0wphbnv9w9e7etsjnaf3e612sbvpq00e7tj18xp07kznmmn18zn8j84ce0j2g1yqytk70y0qt9sbfa479nv03h0gk3vn1sz55pm8drta64q48bvaggge94ec5xe8maypd1fgqse7da553mfkejdddjqj9yydc6qv1kt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%26client%3Dca-pub-8128055623790566%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 778efee65a279a05-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 13:20:11 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 15F5 89 KB
11 KB 26ms
24ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 1977
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3BjFhOWp2Oun7qMCsrIwGqqhnsg%2Fx%2BYtaTjhIrLBALdRBA3xOI1JmN18rh79rmHqyDvorgaRqyU4Ld1pXsZ9Aycu2zWTN%2BQpUJ%2BPBGD9ak1q4fQaZyBa%2BmoCNwjfty3jvIWlEiainA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 778efee6db219a05-FRA
expires: Tue, 13 Dec 2022 14:20:11 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 15F5 53 KB
54 KB 68ms
55ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2591856
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X907bqsXoiybiGdWq5sN1rkIzsH9VL5bSw7THeQS7nMhr3vl5MTk9faxrElSXWTbxfZSpswIARGZo9swforgzp4NjySw0hW%2FHpYJlJTwt4JyE3c3rj6KfrcGKCofmhT6%2FrzbUYBW8xAX9EeM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 778efee6eead9a17-FRA
expires: Wed, 14 Dec 2022 13:20:11 GMT

GET
H2 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 15F5 23 KB
23 KB 29ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1179672
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDeHXx91QO0ST6LDaKjeU9HjKls5qR8sC4sy5kQTxlWHVXs6CzzL3c8zhSSkE41atFPACMjvC%2F5kZ93Wnco8lgfM52dOkVgQuYDIyAmGjfx%2BRKYQ6vu6%2Fomlyo4DQxJX3uxhgGvEujsz53tk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 778efee6eea69a17-FRA
expires: Wed, 14 Dec 2022 13:20:11 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 15F5
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CPGiktbX9vsCFQ0b4AodRa0Nkg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022121314201179466590193X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Ne...

49 B
1 KB

70ms
29ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022121314201179466590193X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121314201179466590193X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 13:20:11 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2022121314201179466590193X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022121314201179466590193X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&partnerid=12218
date: Tue, 13 Dec 2022 13:20:11 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 15F5 9 KB
9 KB 61ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2388377
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VGW7tuNR%2FH%2Fsp6pL5I251PWQfzy%2F%2FR9a6vbHjldbwvcdrPQlHG%2BPYRpoyrS5xtV7cKtVip1CyEBDG%2BmImBVmqMCGU02nZrBW8ia6uIbmJPM5YESKPED8eTr2vFiSeEFRvTcG12lwVRGtlH4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 778efee6eeac9a17-FRA
expires: Wed, 14 Dec 2022 13:20:11 GMT

GET
H2 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame 15F5 20 KB
20 KB 43ms
35ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2319140
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXGLX4JXtiNq4hhDXeSBHQlA8kFwl8DEkIN%2BcjFEyA5fbt7f%2BMUxGsEq5b8hgW%2FOgmN%2FlecYdcme5i51XJcwdMuAjc2Nf%2FRenMeW7NnrRfZATfspiXWN8qBK7kBDKQCPw7WQqNaZA4D1hay5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 778efee6eea89a17-FRA
expires: Wed, 14 Dec 2022 13:20:11 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 15F5
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CNmlktbX9vsCFZyXdwodSVcMMQ;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=reach_SUBIDTEST_view
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121314201179466590195X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0

49 B
1 KB

84ms
17ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121314201179466590195X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 13:20:11 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2022121314201179466590195X117663V1225131106MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0
date: Tue, 13 Dec 2022 13:20:11 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 15F5 16 KB
16 KB 28ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 66801
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIqiZkrQRxeLr6ud3hwJUHXaf0EBU3KSxOmt3MXXwlAkQ1wJefO96IDFNmROsjO5ze1rKCBHQVmmcSrej%2Bf3EEtgfeAfOnOXIyzaecdvcwrp%2BxfiivDQvrAt0aH3AWJyDJNvnBhS4sxdFGHc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 778efee6eeaf9a17-FRA
expires: Wed, 14 Dec 2022 13:20:11 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 15F5 222 KB
222 KB 30ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67004
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWWkF5Saux7SElsWqjyYv77S7WTgxX7iyONmubu5em841CdsE5SiZ7Xi4T7sCecl9K48S6HtW6UFs3MI65yXnze1Y5uWQujcUNB74lwpYWK5kLEjL0qdc%2FqPqDd3maSoHmecTOQi7uKKhUWA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 778efee6eeb19a17-FRA
expires: Wed, 14 Dec 2022 13:20:11 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 15F5
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1670937611_df390210-7ae8-11ed-9f2f-2266c0ccb091&insert=AW&&gdpr=0&gdpr_consent=

0
1 KB

129ms
98ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1670937611_df390210-7ae8-11ed-9f2f-2266c0ccb091&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C197100%2C322829&b=3bgFpf14UZrZU7HrHAtEt997f8TWTRead%2CQpKH4fdjUPKXduxH5HYtGtZZrTDT4TzPFV%2CbwqTQfYZsqZ3EHYHbHztKtw7duxTJTJPSJ&f=WrpSrfYdswkwTYH5HjtDCXXGaPTET4QF2%2C23Yh6fAqfj6ekCVHWHktwCxx5FWT7TKBTg%2C3bgFpf14UV1xMf7HrHAtXC9REt8TWTRead&c=300&d=600&e=&g=bf92725a7f1b2e1fb403a7607fad7f85%2F11620189090447810728&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1670937611204&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8g0xs2a7v8raa2fsmn3vydpdfgvkabn5khms7v0dgdfytdgy6ymkcrh8gpz06hf16ane1433t6f12yajc8s4htk6wy442phh9f6rme6d1arkzw9byr5xvc0ywen0dz52zr09px6b4v53wm0p1xs47qq0hvngyty4e77d5typy5p3tsbkqbgcavha7hg3k197af91d6pthsqdbf33ctr5shwbzjnma7njcznqcdjgsy8aqmpkddfwrqch35cxn1cm98fxm2rd7eemb3rdz0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCdrTfCnyYY7ykIJPm6wTMoqPwAZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTgxMjgwNTU2MjM3OTA1NjbIAQmpAjSmC2Z_rrE-qAMBqgSzAk_Q_vkUj_myxmGl2sU7Y1WL_6d2cRrPklMBTvhu3TEZbY1PxfTCZXYaHEi3Dj3rxtNKVK_604yadWlldetC9KqYrd7jc-VhOMMThFfBwGqkkauKgCmbYiAn7hyETPRq0HmV6891aKOvZwqCbgaXTQZ7M174ylYFvLmmekz1_WZgAos-ayOBBMF6UXRplyG4Ky7DurTKYoWN-_6oP-80DqeJyf57OWB2jVE_2J6lcJlPqge5kfVfZKsBLkJT-9oXBLV_8BV27vh8a1Ir7qYHC4Nk1ksSCh17aBrcuvEzAi720FPjpQ9qSCJAPLBSyH4cNPAU2L78vFEKagDfKQOfElEx6CqO2410zGIWEUOn1cJZ-8g6r6Y-GO5EiqDBLG7W3NrM-IjLvpycUtRL1QVILbhyVpCABqW1lt3sx4bT_gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1hALIwRquZqsYTqmweESdjdD9-1g%2526client%253Dca-pub-8128055623790566%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
via: 1.1 additional-webserver-blue-115j (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ldwK15L6R9Px0H1c.bY9lDtMSPaqzM_Up3X_pZwMZlI-1670937611-0-ARbCX4etHwnO0zMUWI3Qzd43s27sJWewXkrAoztOSEKcJSd1IItEjaXvh5GknuDalm4mh92bb7C2MdcVMChEXPw; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ldwK15L6R9Px0H1c.bY9lDtMSPaqzM_Up3X_pZwMZlI-1670937611-0-ARbCX4etHwnO0zMUWI3Qzd43s27sJWewXkrAoztOSEKcJSd1IItEjaXvh5GknuDalm4mh92bb7C2MdcVMChEXPw"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: text/html; charset=UTF-8
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 153730504
cache-control: no-cache
cf-ray: 778efee7ed719a05-FRA
expires: -1

Redirect headers

Date: Tue, 13 Dec 2022 13:20:11 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1670937611_df390210-7ae8-11ed-9f2f-2266c0ccb091&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 css
fonts.googleapis.com/ Frame DC3C 6 KB
672 B 37ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Dec 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 12:04:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Dec 2022 13:20:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DC3C 2 KB
765 B 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:12:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame DC3C 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 12:41:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DC3C 3 KB
1 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 12:52:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DC3C 18 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:04:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DC3C 0
0 21ms
16ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTI7YCnwL_MekEFm90TVwzG0An3kYtl_wbtuJmTw5wEZOPARUv6j4gCr2aQkYKms8HJtLHs8wOYDuGmRtrZac-_Kj9usA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC3C 153 KB
47 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 13:20:11 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame DC3C 34 KB
14 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 21:34:40 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DC3C 0
0 55ms
53ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C35OTCnyYY_TTIsHg6wSUlLaQBN-Bwvhq__WqnaUMx9zz_QgQASCM-eR_YJXikIKgB6ABmsOXtQLIAQmpAhc1-u9Fs7E-qAMByAPLBKoEvgJP0E1p_lGn_k2xepgjnTjLBOPZNN0kbcxkiguSGPIM1M1M8cxA1z_UnPUuyevdBcmXsr9_cd7aJrrj1zdEQIskqOS85_BFKxhQW-_X75JH4Hnzn8OKv5XllCwNtHBb0N_LX6aWQmqyPFtezeoSm79aR1sqiXBPaYhlckjBXAUezdZFSt__lIXKK7Fk7d7pInfYLJildAxD5lgoILcnxPijeRAlcQKnZxKoDRNDCdMkKDy1KuZGWpyYEyGfO_tG83_NsqDEj8wEeQuOmwQEiR6OyPlrUK5rq1fIJwvU3CwVH7BVQz0h-FRykl17KttpKpg9lX6YxLViG9JIlzycSbG-5SG8UoyRHwmMchYyldSO4-DyrpCMCHCIbUScUKCzJUeBYsmhUZv3zRpGr0tAN6b68BLRsbDEAMchHaGtTYnABMHP_J37ApIFBAgEGAGSBQQIBRgEoAYugAfOvOjKAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELuBBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUHtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MTI4MDU1NjIzNzkwNTY2GAA&sigh=x-6FGx1qMKU&uach_m=[UACH]&cid=CAQSPADq26N9hNoZuQ7RoRgaldv69OgO2BhezmdGCJ3eFFz_68QQQS6U_mKDMcumUX1tQYcWRiQqJXda9VELqxgBIBM&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Dec 2022 13:20:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2184778718649488380/ Frame DC3C 24 KB
24 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2184778718649488380/14763004658117789537

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c01d73ac6f9135b027a0f681b43346d04d49e797a517157f64ad433302beeafe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 14:30:33 GMT
x-content-type-options: nosniff
age: 168578
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24137
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 03:03:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Dec 2023 14:30:33 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A697 1 KB
643 B 10ms
10ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 11:01:36 GMT
etag: 48472445140208031
expires: Wed, 14 Dec 2022 11:01:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DC3C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 079f2c31a45931ca4136136a9961eb262e3a322e277efc146cefa8d10b600604

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 9BCC 6 KB
672 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Dec 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 11:28:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Dec 2022 13:20:11 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9BCC 2 KB
765 B 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:12:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 9BCC 23 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 12:41:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9BCC 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 12:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 12:52:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9BCC 18 KB
7 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:04:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BCC 153 KB
47 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 13:20:11 GMT

GET
H3 200 148b897ed20242fb53e65c70a8c63c89.js Show response
www.gstatic.com/mysidia/ Frame 9BCC 34 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:17:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14307
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 20:17:57 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A697
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEC425pA2MTasfjoLja_o2zo&google_cver=1&google_push=ASkJ3FbN8ZZMJirI6_EIDaKSelRFJ03_z9fN6VRwPdhDhLebirCU4kfJ3jvuKWNgf5KIry9KUErX3lTXChCocIvqUEoXjOq6mFIzdQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDA0NDc0Mzk2MzY3NDExMDIzNQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEClIJfN0TnzaQNoNKx7zpeU&google_cver=1

43 B
398 B

116ms
26ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEClIJfN0TnzaQNoNKx7zpeU&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEClIJfN0TnzaQNoNKx7zpeU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame A697 35 B
463 B 49ms
10ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBDYB-l-nRtSXmum0jzjCmg&google_cver=1&google_push=ASkJ3FZ5fYjm8xbgDr6jNaY7eBST5N_gKpcz-VlTnBdGkkw3Tai8Ot75iVYYB8uEx7686B9p2ScCFEY84gRctt6acyafWZpi1AlagJA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame A697 43 B
356 B 48ms
17ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPSuhWQ7bO8XyFHsjIYLMFE&google_push=ASkJ3Fak1MM1sQdRc345bYVknjpr1xJtytsGMCbw4KSAKp8Yr-cL-2QswQNusKUqi3mqabxoYY-h2jKFUsy3YXqeHWLYl1zUxpMxXBU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame A697 43 B
296 B 251ms
21ms Image
image/gif 2a05:d01c:1d8:8102:1f82:7aa0:f039:aca9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEIhsx4N3OXkjk30wLF1dkj4&google_cver=1&google_push=ASkJ3FYgVv5mUdbGGHkOAYHxrA8KGGuE-yK7seTpEevRfud9qrKPGEkaKrzphupbs2jg4Oo4ilHMBOrsXLw2FS_66zVr8u8vYM40jA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:1f82:7aa0:f039:aca9 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A697
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGEtX8MXQe4Nxj3jSz2gXLs&google_cver=1&google_push=ASkJ3FYSITDZ1VfhL6d0fPmmDhHbS4DWJPUl2Cgw6LxvlVZCy4Lq6Y59hZLYqBLmfg6nmwf2Ec46yHYos9mO...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYSITDZ1VfhL6d0fPmmDhHbS4DWJPUl2Cgw6LxvlVZCy4Lq6Y59hZLYqBLmfg6nmwf2Ec46yHYos9mODREE3hNbBNQc84BcLRk

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYSITDZ1VfhL6d0fPmmDhHbS4DWJPUl2Cgw6LxvlVZCy4Lq6Y59hZLYqBLmfg6nmwf2Ec46yHYos9mODREE3hNbBNQc84BcLRk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FYSITDZ1VfhL6d0fPmmDhHbS4DWJPUl2Cgw6LxvlVZCy4Lq6Y59hZLYqBLmfg6nmwf2Ec46yHYos9mODREE3hNbBNQc84BcLRk
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A697
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3FbHo_QLgigAsrC3CyFIo_kXYBPj9lh99nXPRgYsOkHOMznTpvfp4ZadkpGNgT1nDweX2PAXWRixaNpJz9STPoFOUDi8_kDT1sI&redir=https%3A%2F%2Fcm.g.do...
https://sync.targeting.unrulymedia.com/csync/RX-99563dfd-7979-43f8-87e7-574e1715eeea-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FbHo_QLgigAsrC3CyFIo...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbHo_QLgigAsrC3CyFIo_kXYBPj9lh99nXPRgYsOkHOMznTpvfp4ZadkpGNgT1nDweX2PAXWRixaNpJz9STPoFOUDi8_kDT1sI&google_hm=A5lWPf15eUP4h-dXThcV7uo

170 B
188 B

23ms
22ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbHo_QLgigAsrC3CyFIo_kXYBPj9lh99nXPRgYsOkHOMznTpvfp4ZadkpGNgT1nDweX2PAXWRixaNpJz9STPoFOUDi8_kDT1sI&google_hm=A5lWPf15eUP4h-dXThcV7uo

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FbHo_QLgigAsrC3CyFIo_kXYBPj9lh99nXPRgYsOkHOMznTpvfp4ZadkpGNgT1nDweX2PAXWRixaNpJz9STPoFOUDi8_kDT1sI&google_hm=A5lWPf15eUP4h-dXThcV7uo
date: Tue, 13 Dec 2022 13:20:11 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX99563dfd797943f887e7574e1715eeea003
content-type: text/html

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame A697 0
75 B 103ms
25ms Image
text/plain 185.86.137.108
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEMwelD9MV5yXwzDXluo1qms&google_cver=1&google_push=ASkJ3FZyg1l33t1KJS-zZ5Z7cRwNli2AvZRr_QGywEFuwj9tBp0ApE8iLfXl-ozXlLvOk7ZYSgxTelYPNpZMB8QbDN-WbZcjhSB7WDs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:10 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A697 0
12 B 18ms
15ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJg5LM6OGmYb87FsSdqivC83RIr2HFY6hmjZrYuP7MttnD5sRjUlf2NM1EmWVW-hK4Jg6a

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9BCC 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc2jxCnyYY_CjIYzF6gTOrIHwB9-Bwvhq__WqnaUMx9zz_QgQASCM-eR_YJXikIKgB6ABmsOXtQLIAQmpAhc1-u9Fs7E-qAMByAPLBKoEvQJP0HlVEYEWmzqGOllG7O64MqdUJbMsFdVJa4Y9FgEE-v3VTYH6mOu6Audad12RIYN-BqezCLGyAr6-iJ0iQLtT_iRiQt1V7AF3XqH0hmbPZVuLCKYiN-2omEoTu4whmmtbPeA-jxtSs1bwXfzeJNVEeBxmXGr6l8Aaj6Y2qLmVNXeBjwohu2prxvKfVJX_anfatI1Qm36rR14u-H3htsm47iQap-F2v3JTu1lUK9g7FYY9lTuLbxIzt0WnS3jUuadaInl9PIUi33hAtzxUu3O0ZzLWpkcnm3WvRWXSO5GRhIcyZYBZ7OwO333RPOovzA65mEVGEdapiobSMpH3-sYYQn_KypkxRqteIwCLfhtDRKlXmjL965_QAQMh7OnvdB67JqT1a9bpQ7KC8vWvQcC6eWaIuhB7csYS9JkUIsAEwc_8nfsCkgUECAQYAZIFBAgFGASgBi6AB8686MoBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvM4X0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMNiBQe0BUBmBYBgBcBshccChoIABIUcHViLTgxMjgwNTU2MjM3OTA1NjYYAA&sigh=yDTL5d7NQik&uach_m=[UACH]&cid=CAQSKQDq26N9lB1bMsps-dKsCl4yTM-D0dZpRGXu7-0wYUr9hKPsgbfQtTGPGAEgEw&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Dec 2022 13:20:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2184778718649488380/ Frame 9BCC 24 KB
24 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2184778718649488380/14763004658117789537

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c01d73ac6f9135b027a0f681b43346d04d49e797a517157f64ad433302beeafe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 14:30:33 GMT
x-content-type-options: nosniff
age: 168578
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24137
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 03:03:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 11 Dec 2023 14:30:33 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DC3C 15 KB
16 KB 27ms
10ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 74119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DC3C 15 KB
15 KB 25ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 319167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:40:44 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DC3C 15 KB
15 KB 29ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 409076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 19:42:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8F0A 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 11:01:36 GMT
etag: 48472445140208031
expires: Wed, 14 Dec 2022 11:01:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9BCC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1da03473020dd917c9efaccf19a21ba5851f4521b3474b7cb475703787175da2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9BCC 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 74119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9BCC 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 319167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:40:44 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9BCC 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 409076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 19:42:15 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AC1 36 KB
16 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=488872744&adf=1056458448&pi=t.ma~as.8056121513&w=1004&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=1004x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610069&bpp=1&bdt=251&idt=455&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df0f85da2c0f5c613-2235508ffad90014%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw&gpic=UID%3D00000b91b5a5521f%3AT%3D1670937610%3ART%3D1670937610%3AS%3DALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=4002&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=RIkFbkpX36&p=https%3A//zin.aly2um.com&dtd=458

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F0A
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELFhklS3xRjS0opa30O54Sk&google_cver=1&google_push=ASkJ3FZRDlbwizwnffnTWIucKLCAFJdrhmQGBHQM8dZbi0CHLnIsRsoUx7...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZRDlbwizwnffnTWIucKLCAFJdrhmQGBHQM8dZbi0CHLnIsRsoUx7PQQDScHjolfkkE-DpbdSZfaWuZ53gxnxJSbxnUwnzFNFyr&google_hm=1eJMbCtX...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZRDlbwizwnffnTWIucKLCAFJdrhmQGBHQM8dZbi0CHLnIsRsoUx7PQQDScHjolfkkE-DpbdSZfaWuZ53gxnxJSbxnUwnzFNFyr&google_hm=1eJMbCtXBWR60ule1RUnuQ

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FZRDlbwizwnffnTWIucKLCAFJdrhmQGBHQM8dZbi0CHLnIsRsoUx7PQQDScHjolfkkE-DpbdSZfaWuZ53gxnxJSbxnUwnzFNFyr&google_hm=1eJMbCtXBWR60ule1RUnuQ
pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8F0A 0
104 B 203ms
67ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFH7mBGib-y8qE2XH4CoXs4&google_cver=1&google_push=ASkJ3Fah3cwDTpKhGMM-FQUMiOb_yfISl7-09oKnd92rPiqJrWxG5x27jWs7pPSNqXgK-Gz3kQjSmWJwwx0si_Ryn25umxxcWR4iG7Q0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8F0A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGulKU7wlLc7dUAdmpIlwko&google_cver=1&google_push=ASkJ3FYHHFZGZjQIBmX86fQ5waHCo1mt_kkC8HNGd5U0OHrFBvn2TLOY5sLLQWJBYUoh3JyCiG7CzKOjUgvOTLaqiNtSThP0YL96a...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGulKU7wlLc7dUAdmpIlwko&google_cver=1&google_push=ASkJ3FYHHFZGZjQIBmX86fQ5waHCo1mt_kkC8HNGd5U0OHrFBvn2TLOY5sLLQWJBYUoh3JyCiG7CzKOjUgvOTLaqiNtSThP0YL9...

43 B
437 B

188ms
178ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGulKU7wlLc7dUAdmpIlwko&google_cver=1&google_push=ASkJ3FYHHFZGZjQIBmX86fQ5waHCo1mt_kkC8HNGd5U0OHrFBvn2TLOY5sLLQWJBYUoh3JyCiG7CzKOjUgvOTLaqiNtSThP0YL96aT9t&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYHHFZGZjQIBmX86fQ5waHCo1mt_kkC8HNGd5U0OHrFBvn2TLOY5sLLQWJBYUoh3JyCiG7CzKOjUgvOTLaqiNtSThP0YL96aT9t%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:12 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 778efeea387a90be-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 205
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGulKU7wlLc7dUAdmpIlwko&google_cver=1&google_push=ASkJ3FYHHFZGZjQIBmX86fQ5waHCo1mt_kkC8HNGd5U0OHrFBvn2TLOY5sLLQWJBYUoh3JyCiG7CzKOjUgvOTLaqiNtSThP0YL96aT9t&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYHHFZGZjQIBmX86fQ5waHCo1mt_kkC8HNGd5U0OHrFBvn2TLOY5sLLQWJBYUoh3JyCiG7CzKOjUgvOTLaqiNtSThP0YL96aT9t%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 778efee90eb090be-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 8F0A 70 B
264 B 34ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAwR7h9chJdKmPTW5CkS68c&google_cver=1&google_push=ASkJ3FZSmgFTiceN_lqCFNBcN0S1x3HU8v9eq7CuVxRNmZzXey1SvOpTxjRNpeQ3a4EjuEFLIZykpZaq7RAiibMAeZsd8uwiXpYp9QVb
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F0A
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEE4O84mA6-nErKfh7yJGK1E&google_cver=1&google_push=ASkJ3FZhAr1Ex_VhQLJE7Yqs048Du718k6G_5oe_RmOsO8u2qopF_L80OGZUfX7hQ7guZECNT91jFzf6dSGVZrYj...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hJlUk21lSSKWY8CEKazhzg2&google_push=ASkJ3FZhAr1Ex_VhQLJE7Yqs048Du718k6G_5oe_RmOsO8u2qopF_L80OGZUfX7hQ7guZECNT91jFzf6dSGVZrYja8TFyOvZczheqZI

170 B
188 B

19ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hJlUk21lSSKWY8CEKazhzg2&google_push=ASkJ3FZhAr1Ex_VhQLJE7Yqs048Du718k6G_5oe_RmOsO8u2qopF_L80OGZUfX7hQ7guZECNT91jFzf6dSGVZrYja8TFyOvZczheqZI

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 13 Dec 2022 13:20:11 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hJlUk21lSSKWY8CEKazhzg2&google_push=ASkJ3FZhAr1Ex_VhQLJE7Yqs048Du718k6G_5oe_RmOsO8u2qopF_L80OGZUfX7hQ7guZECNT91jFzf6dSGVZrYja8TFyOvZczheqZI
x-host: tde-deliveryengine-production-769c9db745-qp4bn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame 8F0A 43 B
61 B 26ms
17ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDw7y3jKo8c4HGW9t-2Zqh8&google_push=ASkJ3FZC6H_aMSjRa-82pYnKDU1_SDXwT6TjFgnjsDHpDJYoyEhl0JfsRmgT_2d8xf-gblHxuu--w9NbixCdVNH4xhZU-_MzZqhYLCUm&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F0A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.targeting.unrulymedia.com/csync/RX-99563dfd-7979-43f8-87e7-574e1715eeea-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3FZpiGmvUXw-bTNRjNqWC...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZpiGmvUXw-bTNRjNqWCY18eUPCblLXe67Cjy2MZW8Pfhtx6i85xFq2Spq7Kd5GY6MxnYFfAankZCursANn2voPHxHIGpv8iNxn&google_hm=A5lWPf15eUP4h-dXThcV7uo

170 B
188 B

22ms
20ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZpiGmvUXw-bTNRjNqWCY18eUPCblLXe67Cjy2MZW8Pfhtx6i85xFq2Spq7Kd5GY6MxnYFfAankZCursANn2voPHxHIGpv8iNxn&google_hm=A5lWPf15eUP4h-dXThcV7uo

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3FZpiGmvUXw-bTNRjNqWCY18eUPCblLXe67Cjy2MZW8Pfhtx6i85xFq2Spq7Kd5GY6MxnYFfAankZCursANn2voPHxHIGpv8iNxn&google_hm=A5lWPf15eUP4h-dXThcV7uo
date: Tue, 13 Dec 2022 13:20:11 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX99563dfd797943f887e7574e1715eeea003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8F0A 0
12 B 39ms
38ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuHPWZonW6ltGjyeabETDEovfLMcmPYetLP0Vd_6Xkk81WykNeAsRdHC3TzVyK0PReydNs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 73ms
58ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

554d043cfa312960869bc5862b211e6cdd0281053b611226bec8c982810db60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11089
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0380 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8128055623790566&output=html&h=280&slotname=8056121513&adk=2921927375&adf=1528403788&pi=t.ma~as.8056121513&w=748&fwrn=4&fwrnh=100&lmt=1670937610&rafmt=1&format=748x280&url=https%3A%2F%2Fzin.aly2um.com%2F282%2Fwhat-are-the-ways-to-profit-from-the-internet%3Fqa-rewrite%3D282%2Fwhat-are-the-ways-to-profit-from-the-internet%26show%3D283&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670937610066&bpp=2&bdt=248&idt=436&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=1374757132781&frm=20&pv=1&ga_vid=2091613118.1670937610&ga_sid=1670937610&ga_hid=670198428&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071251%2C44773746%2C44780792&oid=2&pvsid=787587052804805&tmod=1110957587&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=dM6szvdXjl&p=https%3A//zin.aly2um.com&dtd=442

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 13:20:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 55C8 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zin.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1240
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 12:59:31 GMT
expires: Wed, 13 Dec 2023 12:59:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7656 783 B
535 B 18ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

107e0c75cdfb6c878d15fd2da5741689b8187f5a757b2cad5ecf193ff7afee6c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rGaGp2iMmX2gLxOWD6KHrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zin.aly2um.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-rGaGp2iMmX2gLxOWD6KHrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 13:20:11 GMT
expires: Tue, 13 Dec 2022 13:20:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 55C8 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7656 0
0 149ms
149ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=787587052804805&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 55C8 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SxL3sA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 13:20:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 157ms
156ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=787587052804805&bg=!JiWlJWHNAAYgquz3AKo7ACkAdvg8WvsgGpHd4q7K3VY53krCM2f25N9tuUl3Ko4GzueSXRtxHTgKjwIAAABZUgAAAAloAQcKAIXp3utsN7RaYeInHSFayMgZk25fxDGwGAJlSQTyOmfQvKBdFtz6u6HN5i6IplZcmQIi46SVk5SZhFeldEDk8jlGsjTfMhJup08JkvdLb74srQ-_EkX6deWoWJG63GQW37fzhw4AQdhjzt6DRMXrNVQMmqwxNkhhz052v1z3QmZ7gFPVc3vsmQLdPRvGnVGqZ1L673WPtBHTEmIb7QhBl0b8M6YhSWI56e0mXEMF7l5CrvkxmscHnpSrPtP6LffnXqZ1fIUoojNFSNQsS_cwuvalR2FVSaPCuOpDvp-ar2cdLekhhf0cT4R_3Db5OckgZ2ibgF9ifeajCMO0yEhKf5juMyPy8cluujJxp4QjYJygpLa1ttSrTPtpPq-eD-Vh4028aWA66VQ_F-DV1VrWg80IRNaE2xXZEuB6lDPBChgbbiWklOH4GUhpOK-YMk0SNcXyxntmvf5NvsBPbhjTLaQxB-o1k3efRnkkPQNAP_KPh5SK8IKBssTDWyIRyaIxLYSqgJyd8f9Xn6dMur7Z2M6qAdLgKNVAllT5Di6pDZd82ioFMnIHJGlVMR5Uau0svjE5TAyonox3c1WIZ-HqHlYAgJdZImLSVmlW05DFiCoifXLMfo7vRizBF1uvfgNx3elmvsaPSuFdCM6QAjA750_GqnHLdls7Ji8YnnZNO9WQLH0v3I47FwUl_3nk88fr1LvqHyX9kzz-J5OyS1UXrnIWhmNUdKe8G5cjT3dRKmrXyUuhWFYVxV6fkSBU14zMJytfIHCpS3rtUjoxqwkzG-lhevfxg-8dcH8mlwhnF2APWAyIfMnaIHiBPao_qHZoAd_BWM1TvC837a2ppTKQgWfeNQyY6c5r6j_nuYc8K0JylVBvJRRudB2C3iJB8Oai8PQNAHeJSlioKogghnk5AKB2dJos7nulgbls685n8wD9f9ARDEFwyYVgixLBm0ZxXiSJvTbb74HjfxU-pcrgxmaPozCtuu_vQhzZTRnjWszfmsNliSEVXekqKQjPqXq6ijuN7FnCju2B0gZxs2E_DhMkhLms5Rh7s6DSYLUS-mE0PN4MpWAO22e7Dd9KnB1RlY_saLzV4zLQ8oPW-Ya4ZopuTGdUCq9HkoPbt57XBe4e1gFmLEnfIhxDQn7mrE8lPNWZI7e5pQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zin.aly2um.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9BCC 42 B
64 B 164ms
163ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpzIsqRCOntERpKM6NPClVDjmVY18r4_LtuQKOnaWBn9UcCqXPFOVdsbQemUQ8vjPWS7EpeX9tTxsAw-HVxmvkRzzj0LCNJR8oktlVQ1O8zF8rfPtQrFR8u2BzbQCl_CpBl59ugA&sai=AMfl-YSA_PDRJmuI1K9hq4lOxPhq6bkGomtUUmb5XZ2OUt57RLRNKXZa772j8o3u2kAvOrRKm68L07XqWXv97AmAuBnZMeHT6-_UVj3RCg&sig=Cg0ArKJSzGGJnZ3JLyBjEAE&cid=CAQSKQDq26N9lB1bMsps-dKsCl4yTM-D0dZpRGXu7-0wYUr9hKPsgbfQtTGPGAEgEw&id=lidar2&mcvt=1000&p=0,0,280,748&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2921927375&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670937610509&rpt=1150&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 13:20:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 17:38:44	Name: __Secure-ENID Value: 8.SE=UOUJiILGiKQKUwhQdzfdYilo7AW85dWnlHofLfiyIBJxnwGGoAz7dahLue2oDZHbMKZoaJrb2boxcurF10GaewTmA5QBOqoiQwzNhFO4hT6IIPW8sPVmkifh5joUmWII4O2dgbCWcMD16y9Ad5ucCzh5qLViyjBrwl844qhqOks
.google.com/	1970-01-20 17:44:57	Name: CONSENT Value: PENDING+245
zin.aly2um.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 619dc604215ad12fcff74cf6cb700d37
zin.aly2um.com/	1970-01-20 08:11:50	Name: qa_key Value: ejm6xbym9zdr0119iww3e0h12196j5f1
.aly2um.com/	1970-01-20 17:44:57	Name: _ga Value: GA1.2.2091613118.1670937610
.aly2um.com/	1970-01-20 08:10:24	Name: _gid Value: GA1.2.359793695.1670937610
.aly2um.com/	1970-01-20 08:08:57	Name: _gat_gtag_UA_237003713_1 Value: 1
.aly2um.com/	1970-01-20 08:08:57	Name: _gat_gtag_UA_169264889_1 Value: 1
.aly2um.com/	1970-01-20 17:30:33	Name: __gads Value: ID=f0f85da2c0f5c613-2235508ffad90014:T=1670937610:RT=1670937610:S=ALNI_MaFea2_a-5Gk0bO8liZeeOSA2Cemw
.aly2um.com/	1970-01-20 17:30:33	Name: __gpi Value: UID=00000b91b5a5521f:T=1670937610:RT=1670937610:S=ALNI_MYlwjHyBEdS_i-MludlzjmyJVvvhA
.aly2um.com/	1970-01-20 08:08:59	Name: __cf_bm Value: 9Npb_4UGteqh0QJsOse5fw.XYxTiDo0I9lVJ8FuNU9k-1670937610-0-ARVJTkVyolpoEJr3pAtGTlQKwsxEDkMrzxJWQc1gRUFUKic1LQ5aSdEGMlXyS8jQ1qN2PCxxXldPZwjVTf0/nlggPNd6ZPZYS68NwB3rF8ShvZ+8+QjGrAMIg735ZXDZ3VmMpBmvB82nrzc8a4iRCI8=
.3lift.com/	1970-01-20 10:18:33	Name: tluid Value: 1174133575357961419454
.adnxs.com/	1970-01-20 10:18:33	Name: uuid2 Value: 3483438993504352952
.de17a.com/	1970-01-20 16:47:21	Name: guid Value: 1.2012941533964283951
.360yield.com/	1970-01-20 10:18:33	Name: tuuid Value: dce16a3f-4a95-4f49-ac4d-ba5dac53f229
.360yield.com/	1970-01-20 10:18:33	Name: tuuid_lu Value: 1670937611
.w55c.net/	1970-01-20 17:39:12	Name: wfivefivec Value: ylEnFDky1P55cD5
.ctnsnet.com/	1970-01-20 16:54:33	Name: cid_5601a3a336c14fde8cff7ce215017a63 Value: 1
.ctnsnet.com/	1970-01-20 16:54:33	Name: gid_CAESELREaY0S4KPi8OApJEsLJz4 Value: 1
.blismedia.com/	1970-01-20 16:54:37	Name: b Value: 63987C0B05F34D1C21E9B6E3BLIS
.w55c.net/	1970-01-20 08:52:09	Name: matchgoogle Value: 5
.mathtag.com/	1970-01-20 17:34:52	Name: uuid Value: a7f36398-7c0b-4800-a6f9-2f27910e232a
.mathtag.com/	1970-01-20 08:52:09	Name: mt_mop Value: 4:1670937611
.yahoo.com/	1970-01-20 16:54:55	Name: A3 Value: d=AQABBAt8mGMCEAsNdslId8lauCtesUkt4YgFEgEBAQHNmWOiYwAAAAAA_eMAAA&S=AQAAAslVgPs-_NoPYi9PmXLjxNA
.awin1.com/	1970-01-20 08:13:16	Name: awpv11354 Value: 412871\|1670937611\|df390210-7ae8-11ed-9f2f-2266c0ccb091
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.doubleclick.net/	1970-01-20 17:30:33	Name: IDE Value: AHWqTUkpblQxMo8ay1-FMMTBK_rvXtH71_S2SCYsFFkQ2k22XVD1cpeaeY1Z9afVeu4
.quantserve.com/	1970-01-20 10:18:33	Name: d Value: EFkBCQHmJ4EA
.quantserve.com/	1970-01-20 17:39:12	Name: mc Value: 63987c0b-88cce-c8e90-922f2
.1rx.io/	1970-01-20 16:54:33	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-99563dfd-7979-43f8-87e7-574e1715eeea-003%22%7D
www.conrad.de/	1970-01-20 08:16:09	Name: HTLP_timestamp Value: 1670937611
www.conrad.de/	1970-01-20 08:16:09	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 08:08:59	Name: __cf_bm Value: DpCMCRee8Nf9.nEN8XuntW2jfHzJWqN2y4kb7XT1aMc-1670937611-0-AShNGqeG691usuEqMJ2DqXqRbAsG+ATEsJ1dzIFTXP6GUrGYnB9ehtmW38d+B0uXMyMKWLaidPkKQDPI+R7zoIo=
.o2online.de/	1970-01-20 08:19:02	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3MDkzNzYxMXZsZWExZGUyMDIyMTIxMzE0MjAxMTc5NDY2NTkwMTkzWDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWQzYmdGcGYxNFVaclpVN0hySEF0RXQ5OTdmOFRXVFJlYWRvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTIwMjEx
.o2online.de/	1970-01-20 08:19:02	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 08:19:02	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022121314201179466590193X120211V1226132702MSviewoneid3bgFpf14UZrZU7HrHAtEt997f8TWTReadoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3MDkzNzYxMXZsZWExZGUyMDIyMTIxMzE0MjAxMTc5NDY2NTkwMTkzWDEyMDIxMVYxMjI2MTMyNzAyT
.turn.com/	1970-01-20 12:28:09	Name: uid Value: 4044743963674110235
.blau.de/	1970-01-20 08:19:02	Name: nscT486 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjcwOTM3NjExdmxlYTFkZTIwMjIxMjEzMTQyMDExNzk0NjY1OTAxOTVYMTE3NjYzVjEyMjUxMzExMDZNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NjYz
.blau.de/	1970-01-20 08:19:02	Name: nscQ486 Value: V
.blau.de/	1970-01-20 08:19:02	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022121314201179466590195X117663V1225131106MSreach_SUBIDTEST_view&wfid=117663
.targeting.unrulymedia.com/	1970-01-20 16:54:33	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-99563dfd-7979-43f8-87e7-574e1715eeea-003%22%7D
.travelaudience.com/	1970-01-20 17:39:12	Name: _tracker Value: %7B%22UUID%22%3A%2284995493-6D65-4922-9663-C08429ACE1CE%22%7D
.innovid.com/	1970-01-20 10:18:33	Name: uuid Value: 141f4759-98eb-4c24-b25a-34d2704d59ca-20221213 08:20:11
.tribalfusion.com/	1970-01-20 10:18:33	Name: ANON_ID Value: a1nseFMwTkF6Xlypr9ML9HPYnG57cZd6HTGlV53Loxd9JfYWYRkUFAKIxyyQlupTX9O5boZbXDnKPR3S8lhIaN

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://upfasia.org/home/email/* Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
ag.innovid.com
as.ad4m.at
assets.ad4m.at
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
document.show
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
match.360yield.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
qa.aly2um.com
qis.is
r.turn.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
secure.adnxs.com
ssbsync.smartadserver.com
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tr.blismedia.com
upfasia.org
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
zin.aly2um.com
13.248.245.213
142.250.185.66
172.217.18.6
172.96.189.69
185.149.112.124
185.29.132.241
185.86.137.108
185.89.210.20
2001:678:cb4:bbbb::11
213.155.156.184
213.19.147.44
2600:1901:0:76b9::
2600:9000:20eb:9000:1b:5138:8a40:93a1
2606:4700:20::681a:bd1
2606:4700:3030::6815:3954
2606:4700:3032::6815:3a73
2606:4700:3037::ac43:a190
2606:4700::6812:19ad
2606:4700::6812:7e05
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a02:fa8:8806:13::1400
2a05:d018:d29:3602:2799:7e74:3a60:9ac2
2a05:d01c:1d8:8102:1f82:7aa0:f039:aca9
3.33.220.150
3.68.131.166
34.96.105.8
34.98.67.61
35.186.193.173
35.186.253.211
35.190.0.66
51.89.9.254
52.209.22.234
84.200.5.215
88.99.63.132
95.100.75.47
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
079f2c31a45931ca4136136a9961eb262e3a322e277efc146cefa8d10b600604
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
107e0c75cdfb6c878d15fd2da5741689b8187f5a757b2cad5ecf193ff7afee6c
1650a2bc457aa28b1f50c92cd2a2cbf1158664b717627f4cca2c9748a8eb8b5f
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1983c18b5d912cebd093e95f7061c943c038213a9bf15f029d016bfac76ff70d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d044a2264146023baf11dbf8a92bc7b22d261fb0b28b7eba9b0800df97044da
1da03473020dd917c9efaccf19a21ba5851f4521b3474b7cb475703787175da2
25fbcd3c13c190447a8ab85ddf6ad1ded25521056577e9a35b7f450da39ea3d2
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2eb826025700af48b6c9e186d2131ffd897e35f58a1f94d429a2b3b6b3330177
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a8abfb66911ba859f849ca60fb06851c9b7a9b97363a90744b79aabf6b6a862
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6065fa239eb492f0a6b7703edb7bb5aad77e27cb37e6895d3bdf8261d47d58
554d043cfa312960869bc5862b211e6cdd0281053b611226bec8c982810db60c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570601095835bf7f6804506220e0b1bfb2cb2fdd118de9133cef8c983d3a48b9
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6378b870ee8842f7778c6a86675bf712b950a068f8e909d944700e8b00f21ca9
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd6362095fcf38cdab82cd857b6e357622de974af09f640a39f41af61183918
71d193f8da9903e7c91da94d17ab08c2e9d1a0572df88deb27682ab8751b1f26
75e258310f62d770cd8ba38015ef6c7fc76e16e677b52040c1ee6df9e26c64fc
7a49f15294007bad4031449fd145bfe309092999eebdb428925aa0403215f56d
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86cb6f05fa0dee255981570d03efff932e1fe1fd2e0e8827f26c0b215ee02df7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
968f53d8af0537f907f3a79fcfe6a3c703da21e0167b9aeb10f3a9ae52215d0f
9a94657d0b9923af189e362197b148f70eb20f1c8cf45406a7df02902e8fcaa5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7ecc41f2b7fbe0cdd45f767bbbf92ea567eb11eb34102babdfaf9206d675ddf
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
ab92107ff94aa39eee2d67a4279651ba581fcdc084fec59bfe6ee3dbc8bf5543
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b5beb2db17c42e509fe230f0e872891157c09b0fb970a7215edecf9d7d6d939a
b90fd188d862538545441c5318ab6969e5d73a64065e6685459cf119e934b84a
c01d73ac6f9135b027a0f681b43346d04d49e797a517157f64ad433302beeafe
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
cd2544b1d189c79d04ea25c2494a02ce461fd3e69086f11ce10641de9282f2b5
cf6704fe652abeeafd5333fd67102d36f4e31e77361e1da78ff68db899cc5e6a
d68aa4c40194f74b64af2db608e94365c7e0ebb4632654e9d49076a4759d7c03
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
e07d58c68b83a3c283f75063f562aadc164ebb7cf068ffaef89bdde5011c3da8
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f94a4148644743d23c511fd2aa4724190f39c0526a58638f1ceba396619c8f4a

zin.aly2um.com Open in urlscan Pro 2606:4700:3030::6815:3954 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

146 Requests

85 %HTTPS

53 %IPv6

45 Domains

55 Subdomains

33 IPs

7 Countries

1537 kBTransfer

3327 kBSize

44 Cookies

2 Outgoing links

Page URL History

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

zin.aly2um.com Open in urlscan Pro
2606:4700:3030::6815:3954 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

85 %
HTTPS

53 %
IPv6

45
Domains

55
Subdomains

33
IPs

7
Countries

1537 kB
Transfer

3327 kB
Size

44
Cookies

146 HTTP transactions
3 data transactions