www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Submission: On December 21 via api (December 21st 2023, 6:46:52 am UTC) from US — Scanned from DE

Summary HTTP 306 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 46 IPs in 10 countries across 47 domains to perform 306 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.95.138 104.20.95.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::ac43:47bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
56	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
7 30	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	2600:9000:245... 2600:9000:2453:ae00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
5	35.156.190.4 35.156.190.4	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.218.94 35.214.218.94	15169 (GOOGLE) (GOOGLE)
8 10	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 7	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
36	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 3	52.58.114.78 52.58.114.78	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.48.74.137 52.48.74.137	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	178.32.210.230 178.32.210.230	16276 (OVH) (OVH)
2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	216.52.2.91 216.52.2.91	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
6	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
2 4	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.9.151.155 3.9.151.155	16509 (AMAZON-02) (AMAZON-02)
1	144.76.159.126 144.76.159.126	24940 (HETZNER-AS) (HETZNER-AS)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
2	52.85.92.55 52.85.92.55	16509 (AMAZON-02) (AMAZON-02)
2	52.222.191.121 52.222.191.121	16509 (AMAZON-02) (AMAZON-02)
4	35.177.175.102 35.177.175.102	16509 (AMAZON-02) (AMAZON-02)
306	46

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:47bf (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 216.58.206.34 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2453:ae00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.156.190.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-190-4.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.218.94 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 94.218.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.64.151.101 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.53 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.134 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.114.78 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-114-78.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.74.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-74-137.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.32.210.230 (Ivry-sur-Seine, France)

ASN16276 (OVH, FR)
PTR: ip230.ip-178-32-210.eu

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.91 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.123.148.9 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.9.151.155 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-151-155.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.159.126 (Sankt Augustin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.126.159.76.144.clients.your-server.de

tm.simptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.92.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-55.ham50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.191.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-191-121.ham50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.177.175.102 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-175-102.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	googlesyndication.com 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	1 MB
64	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	224 KB
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	425 KB
22	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	537 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	251 KB
10	casalemedia.com 8 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480	8 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	643 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com	503 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
7	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	6 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	38 KB
5	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	726 B
4	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 13930	3 KB
4	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563 static-de.ad4mat.net — Cisco Umbrella Rank: 192580	1 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	4 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 818	3 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 714	1 KB
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	71 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 546	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 650	1 KB
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 793	207 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 491	400 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	207 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	1 KB
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 11353	2 KB
2	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	470 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	1000 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 97477	549 B
1	simptrack.com tm.simptrack.com — Cisco Umbrella Rank: 106380	1 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 83743	492 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 104746	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 89094	434 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 88416	261 B
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	327 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	576 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	45 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	464 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 1765	199 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 870	464 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	187 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	588 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	247 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 10182	469 B
306	47

	Domain	Requested by
56	pagead2.googlesyndication.com	61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
36	tpc.googlesyndication.com	61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com www.xgcartoon.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com s0.2mdn.net
30	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
22	s0.2mdn.net	www.xgcartoon.com s0.2mdn.net
18	assets.ad4m.at	as.ad4m.at
15	securepubads.g.doubleclick.net	cdn.ampproject.org 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com www.googletagservices.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
12	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	www.googletagservices.com	61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	ad.doubleclick.net	4 redirects www.xgcartoon.com
8	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
6	61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com	cdn.ampproject.org
5	ssum-sec.casalemedia.com	5 redirects
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	x.bidswitch.net	googleads.g.doubleclick.net
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	api.webgains.io	analytics.webgains.io
4	www.awin1.com	2 redirects as.ad4m.at
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
3	track.webgains.com	as.ad4m.at
3	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
3	secure.adnxs.com	3 redirects
3	pm.w55c.net	3 redirects
3	onetag-sys.com	2 redirects googleads.g.doubleclick.net
2	cdn.track.production.webgains.team	as.ad4m.at
2	analytics.webgains.io	track.webgains.com
2	sync.1rx.io	2 redirects
2	ap.lijit.com	2 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	m.exactag.com	googleads.g.doubleclick.net www.xgcartoon.com
2	s.ad.smaato.net	googleads.g.doubleclick.net
2	ads.travelaudience.com	2 redirects
1	banner.congstar.de	as.ad4m.at
1	tm.simptrack.com	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	pv.medialead.de	as.ad4m.at
1	sync.targeting.unrulymedia.com	1 redirects
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	match.360yield.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	csync.loopme.me	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
306	60

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
simptrack.com R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 47 frames:

Primary Page: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Frame ID: 940B76F9DC84CBE79644DF3EC1BA27C1
Requests: 38 HTTP requests in this frame

Frame: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 9BD9186CD98B47CD957E18F99AA7A1DA
Requests: 13 HTTP requests in this frame

Frame: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 7DAF5522B8D9E360D5053510716B5182
Requests: 12 HTTP requests in this frame

Frame: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: B8769B99991CE8759E573D2CF5CC41DA
Requests: 11 HTTP requests in this frame

Frame: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: ADBA5B383ABC2B52BA2288179C5440F7
Requests: 11 HTTP requests in this frame

Frame: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 0A14F3A38D164CBA1E483044DD66EC11
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 5A51D5B575316B09BAB5B8653B4AAB60
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208184&bpp=199&bdt=175&idt=358&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2909654689&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079980%2C31080114%2C95320869%2C95320885&oid=2&pvsid=224282422352283&tmod=271731011&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bcxmrq3fhox3&fsb=1&dtd=365
Frame ID: F8DBBA934B62A82D60B9DBAC1E14ACBE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208196&bpp=268&bdt=177&idt=428&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44807406%2C95320868%2C95320884&oid=2&pvsid=3211755927192484&tmod=1766228811&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uotmlotl2te&fsb=1&dtd=436
Frame ID: C7A7F61B6EB3AC36C3036D72A1DE524F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509
Frame ID: 708A084821BD8E0F3584A155A416C343
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208191&bpp=298&bdt=172&idt=560&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C95320868%2C95320885&oid=2&pvsid=2764356450645395&tmod=1193849312&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.31n52mj8brns&fsb=1&dtd=569
Frame ID: AE6493A28D8C7250E88929DC2454E172
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663
Frame ID: 40C2B5382331EF68320CE53C7C8D1265
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_4To4gEwAQ&v=APEucNXEKWnxP6UVWEq2fiq83swx3ltgbiMUtJ_pQd0RLpbVpRUpmaOe0Oceh14J0oufyJuQB9pCelDFt3-y3qkB9BbxNSHEgFNY_W6LrQDocuLHXpbs8MEkTJhulxDjIUjmWh2Dk2gJe2zQa341VP2sH-zNPaAXIEvLcVl1eatWUD9UCKZ27ow
Frame ID: 6433050B075D5FC1A4A0D4031ED52261
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8C68F812DBFF045501745C0BEB910F49
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1877689FE2AFC815AC1666099E2DDB48
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gkkknac84h3pnth786hnfzkn5dyszx60c5vr1vhr697tsn7zmzqp5vhewvds2f0njcwn36v72zks5616czkgt8gtq075sfwc39vzcaevycmpcv9n39888j4zrkxe2nv9yng4twvk1hsnmqa85gzdsr5yzex5p83wdfe15teykg5w85c78jdeh752wyhjfh4sm7bjk4sb95db41sajcf5g497x4vkqh4232p5e91vjwh4kmr0dbg067btkw3dnx18r1pfxjpteahk8cd110n7kc5fsazdgna8qzdbx21r51ejf8e8kejk3w8kb9j8kv7xqgyz4xkvk66bnabgnq4sjcsymzy7khch943yfk9dtv3p17heafndsccshgksnp7qwzmhacesgcdqt7kgs6619h6hbhsavm4as3mxvm2wn3haa6fzdyrz0y00z3tpvyzpqfptnyydc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 41BA77F10150E23D26770341F71CB40E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F06B1F55C2329DD7B306A4B29FD6EA35
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250
Frame ID: 3CF594C95E24703F5551FAC7190C93CF
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h2n06t6rzbmppjfarrgd9gkj80ncr21f48jb2t7echjvpfmreb04gmezx2ewz40kw4wrhwv6re3bbz3mm8y7yp7spsdrcp02hzsjagm3kjas80xtzj1q8b68n1crggtrqfv4t08n4yk3c53qf7j1fe1dsb99cxvt3ztpw4y15njn9sspd5e1fdgt7f6p3cc1rm68ewrd9381de8dmgzt91r57nszfd4h12573fx1ayq65ksjrs2jjpv9x55t4jxra0nrcf8fw7edffygt9dfbj7bgj9a081z5xe1t53kq5mvaym9v7cdrwx583dtc65mjz6a589pv0ta2kkezhw4g6avckrzd7hwka547zq42pyg1eah5jtkb5basqbg1t19xj5sbj32j7xa5xrg9ssdj6xrzyp95kqnc0hngrrmeabjgpm9knbagb2we447csf3x00nr2b7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 6DE4A188A28FBDC936713A7F21650DD5
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: 0BE569E0AAF728AEC9AAF2F930830F37
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CE750BD9CE36D15B065252025A0EB94E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_4To4gEwAQ&v=APEucNXkWoIydk2-9rL-WRkGTYyOF8QD_zPsX_vduR0TuNIIZdRa9foWUGw_BICLpxzdzLO5dWFjObcM7ZBUVxwyWyY6yI831ULoNenGoSDFviLiIFROgcHpmWaGE68n2tnvX8DSwAUSQti9UoJZnwzUCAVcbs5pvdTVy39WoXjOxiQEuNZLCqs
Frame ID: D378838822C2269F55837E717487582C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DBD334F91C1FF541DFF8D8512265C8B7
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 39505E052EA4C81F7EB9DF5BA4368AB6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2FEAF950448B677D3275F2048C04A510
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250
Frame ID: 92B88511D09235A4EE63C1E0549D2F3C
Requests: 12 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 78B88017A2B017D597BFA6C317636AA0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E22326E53D10B03C063A7AD88F60FEC1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90770FE70059D92100B641B2B3F807E6
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hmdhs9f53dpzrd6yd31nkbagxg8tx6q5adyn6z488vwyxsmn3bs35d31aret2mfxghkn40714tc0dqcqwyse0x3rrdvrwc4dy4raww32skgze6pcbzp6hmy9axq4dprzft2ns4wa0dhkwwvne25p5bg2b0qxqqryk2r14xm68amvs1cs1152pz5pdy583xgc402x2fhp23y2awpmm602q14zx1b48yddpf677xzdw3rghf66j6m01f4wxpd9jf0m439qyx4wn19v21737zajyr8tmph44ekrnrhhn1vhk917cpee2br338rg6h89aq87rcse41mezsmzjj4d1n4enp69ejhkmdryhtvyb4netzxprxdjj7p8nt2fxbg3z1qnmkdg31g16f44ydcyxyecyrr7crx5sn6sqjce6kft7mn6tbnc754pzfwnqjb8r5cek7xcvkcxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 502332788D1A7EDD70CF347F0BAAD733
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: 06E3EFA04202CF8104C18081A46B09DC
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F3645F339910CD5D3C795D057E01E55F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: D3FC504E40FB6930B975E864BA7A368A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 8C06338FAE6A2C146AEDE48649EFBAE3
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F38B0F06CAFD07AA02A94D41E91504F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 977E33FB650370AE2DC8346C31AA8456
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B202E3B354E2D8C99D1BE28C235C7DB1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA54418FF013235F6B606F89E91E4399
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EFB4D23D294FDD3807BBA21F79D4EE8D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A7325EA7309491EEDD4BBDF19B7CBF0
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 6D79E53D84065DBF38FDB6FAF0362093
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: E830DE3D5A474DAE0D6A521ACEE1DC36
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 643EE698234F4CAE7C6CE9E87A65483C
Requests: 1 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: CE7AA254692DDC49547512F172AF5511
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D81AC22F508270C3B7B1E3E7CEA8AF94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 714757117AED001480DE55907E218796
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 8F7CBDCCA84E9656D9E10E863A2A9189
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍸光之美少女第12季（Go！PRINCESS光之美少女！）【日語】免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

306
Requests

91 %
HTTPS

35 %
IPv6

47
Domains

60
Subdomains

46
IPs

10
Countries

4136 kB
Transfer

10496 kB
Size

44
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEJzR3EFOa72JGI5z0c-nUCM&google_cver=1&google_push=AXcoOmQr6Wzk4Unbvd-UBM0Xbdi4LYGgj31zMFdoMFv_OSUaVU6hL0v2lMWTqvHGjCOHzOG_ktfZw_dCSUue10ADjAeN8i97vMvV-YV4gbcGXZCtDSB4d98GBMX_6sVoZ1tCZPiRLlfB9trBF0fg5OGPOtMB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJzR3EFOa72JGI5z0c-nUCM&google_push=AXcoOmQr6Wzk4Unbvd-UBM0Xbdi4LYGgj31zMFdoMFv_OSUaVU6hL0v2lMWTqvHGjCOHzOG_ktfZw_dCSUue10ADjAeN8i97vMvV-YV4gbcGXZCtDSB4d98GBMX_6sVoZ1tCZPiRLlfB9trBF0fg5OGPOtMB

Request Chain 96

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM_h5SOFG2WO6KZFqnKGVe8&google_cver=1&google_push=AXcoOmQJPMWoSb8i59sPWPFISutSwSVM-E4esLcNUnPSWAjs_h0Wq6xBWc3DkyrwP5Lsh3tqf7fYUfajWtrN20E2-zxxduM8c1OJSaU3mvUhwezN3uGS8jWh8wF7Th80MgH9AGY-NG4sDGr-A59fSR0JQkfQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A4DkflFISVw7f9fUTww-Xw&google_push=AXcoOmQJPMWoSb8i59sPWPFISutSwSVM-E4esLcNUnPSWAjs_h0Wq6xBWc3DkyrwP5Lsh3tqf7fYUfajWtrN20E2-zxxduM8c1OJSaU3mvUhwezN3uGS8jWh8wF7Th80MgH9AGY-NG4sDGr-A59fSR0JQkfQ

Request Chain 98

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAx4cUdl34UUlqIoWN6gecM&google_cver=1&google_push=AXcoOmT6ydUere5keRoQrA186uXU864HSX0UMhGc31npnD5GGPOSIWfMh6C0MBfeaFi1D2Wfh8vD-7abzWU3ZSL6GY0Xi97Ht7q9iKN6Tu6dc92ZF8zQ7sIY3EmbkXUvhn3Lbo3LlR-W09sOhupoTamRpXBa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT6ydUere5keRoQrA186uXU864HSX0UMhGc31npnD5GGPOSIWfMh6C0MBfeaFi1D2Wfh8vD-7abzWU3ZSL6GY0Xi97Ht7q9iKN6Tu6dc92ZF8zQ7sIY3EmbkXUvhn3Lbo3LlR-W09sOhupoTamRpXBa

Request Chain 100

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESECYPtj4PnQ7PEX5-IQdqYwI&google_cver=1&google_push=AXcoOmQsntO5AuntCwXcTtHCLv5UQ9BloNICp2ddZnqO7hUNAV4MyiHua1vXyqfJGHwzqpMDi1HOb4NVk-EumT_yVU4HBoOHS_TABH6P_zk38TlYb3N1HCMuGDRVyYqvHguIjA0Da1xr0SF_aSDl02inTUg9FQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=35bb907b-32e3-4a04-8de3-cdb8f88d5bb3&google_cver=1&google_gid=CAESECYPtj4PnQ7PEX5-IQdqYwI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQsntO5AuntCwXcTtHCLv5UQ9BloNICp2ddZnqO7hUNAV4MyiHua1vXyqfJGHwzqpMDi1HOb4NVk-EumT_yVU4HBoOHS_TABH6P_zk38TlYb3N1HCMuGDRVyYqvHguIjA0Da1xr0SF_aSDl02inTUg9FQ&gdpr=${GDPR}

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5IFLyejO_vjiXhAuhJkcA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5IFLyejO_vjiXhAuhJkcA&google_cver=1&C=1

Request Chain 107

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYPfWdyuDfYx9JedtfLNlAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5IFLyejO_vjiXhAuhJkcA&google_cver=1

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBMLqQck7kQ0853rm-id9hM&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBMLqQck7kQ0853rm-id9hM%26google_cver%3D1

Request Chain 109

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D

Request Chain 116

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cver=1&google_push=AXcoOmQnpXkX0evWbnEiHlyMOYi-7-P9kYJ1jnG9yQEtxjJmN1Ga67XrGQE2Ju7uLtsJah75Pf4GY7oALZiMutPiNIQq8U7LmW5eWeFV8qW2JjUHDoXR7V-ucTiEnC8LU0SmiiskXbygTEHOM4_lrbVR1-_H HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cver=1&google_push=AXcoOmQnpXkX0evWbnEiHlyMOYi-7-P9kYJ1jnG9yQEtxjJmN1Ga67XrGQE2Ju7uLtsJah75Pf4GY7oALZiMutPiNIQq8U7LmW5eWeFV8qW2JjUHDoXR7V-ucTiEnC8LU0SmiiskXbygTEHOM4_lrbVR1-_H HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGJSWDJ3Z0gxUmdjUHY1&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cver=1&google_push=AXcoOmQnpXkX0evWbnEiHlyMOYi-7-P9kYJ1jnG9yQEtxjJmN1Ga67XrGQE2Ju7uLtsJah75Pf4GY7oALZiMutPiNIQq8U7LmW5eWeFV8qW2JjUHDoXR7V-ucTiEnC8LU0SmiiskXbygTEHOM4_lrbVR1-_H

Request Chain 118

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_cver=1&google_push=AXcoOmRVexZHRmwsQxi2yxmjREcE8bqLCd6wgpb9bvGiRwjjMCUqDTFtYDqNfw3HdkrdETtkCOie-_FiCbsMMl6cdDWjE_T6dTxmdbS5g8f87hEzPo-_Z5uVm7w-co4uftKkVPKl5BoZjLu9GCmjaH4lLooK HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_push=AXcoOmRVexZHRmwsQxi2yxmjREcE8bqLCd6wgpb9bvGiRwjjMCUqDTFtYDqNfw3HdkrdETtkCOie-_FiCbsMMl6cdDWjE_T6dTxmdbS5g8f87hEzPo-_Z5uVm7w-co4uftKkVPKl5BoZjLu9GCmjaH4lLooK&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRVexZHRmwsQxi2yxmjREcE8bqLCd6wgpb9bvGiRwjjMCUqDTFtYDqNfw3HdkrdETtkCOie-_FiCbsMMl6cdDWjE_T6dTxmdbS5g8f87hEzPo-_Z5uVm7w-co4uftKkVPKl5BoZjLu9GCmjaH4lLooK

Request Chain 120

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAKXG3mql94W3cDi5yHU6ng&google_cver=1&google_push=AXcoOmSXQbONTz9B26O28EwKRbQdcAfXS8UTnnkUHTLIpCFWEt4VYm5Feh5DAS6ZPc_Fr-B_X7BR8E8ynCoFrYONXtiwUY1vGTe8ne8F3lEBG2mYcXReSfG4sWN6YuxFemeF4kaf7KNjIRXuI9Hi64NwJDbA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSXQbONTz9B26O28EwKRbQdcAfXS8UTnnkUHTLIpCFWEt4VYm5Feh5DAS6ZPc_Fr-B_X7BR8E8ynCoFrYONXtiwUY1vGTe8ne8F3lEBG2mYcXReSfG4sWN6YuxFemeF4kaf7KNjIRXuI9Hi64NwJDbA&google_gid=CAESEAKXG3mql94W3cDi5yHU6ng HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyMzkxOTczMDEwMjM5MDM5NjM0MQ%3D%3D&google_push=AXcoOmSXQbONTz9B26O28EwKRbQdcAfXS8UTnnkUHTLIpCFWEt4VYm5Feh5DAS6ZPc_Fr-B_X7BR8E8ynCoFrYONXtiwUY1vGTe8ne8F3lEBG2mYcXReSfG4sWN6YuxFemeF4kaf7KNjIRXuI9Hi64NwJDbA

Request Chain 121

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAx4cUdl34UUlqIoWN6gecM&google_cver=1&google_push=AXcoOmSBK_rOpLLLmvXdTV5PpsDC8tJLWEuIfNF4g0W-KHue9Q7m8NZckUAoMC0YBH7lBvO0jCjhVqi4ZRzr8XbUZBlOkJHFa8IWGgzjw9TIA4HVUN7OLSopm_Pd5k7XM83VK4YM5pFCPXbiMT44GvIFPIne7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSBK_rOpLLLmvXdTV5PpsDC8tJLWEuIfNF4g0W-KHue9Q7m8NZckUAoMC0YBH7lBvO0jCjhVqi4ZRzr8XbUZBlOkJHFa8IWGgzjw9TIA4HVUN7OLSopm_Pd5k7XM83VK4YM5pFCPXbiMT44GvIFPIne7A HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 122

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRgepORoO012icsxxAyvcziJprghM5VVyaNxxkfp-RFPVn-bjT5NjSIug6jTvTvABeZ6a13zULKWmLbZ-GkXtuvgzQKeOjlfv8rlisqBs3lxsLphMes4GNTJZzbsMdcGcDJH4x7V1s6aXj7Z8mIAkE5 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEBQDa0MdVZl1tR7X4TxIOmc%26google_cver%3D1%26google_push%3DAXcoOmRgepORoO012icsxxAyvcziJprghM5VVyaNxxkfp-RFPVn-bjT5NjSIug6jTvTvABeZ6a13zULKWmLbZ-GkXtuvgzQKeOjlfv8rlisqBs3lxsLphMes4GNTJZzbsMdcGcDJH4x7V1s6aXj7Z8mIAkE5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRgepORoO012icsxxAyvcziJprghM5VVyaNxxkfp-RFPVn-bjT5NjSIug6jTvTvABeZ6a13zULKWmLbZ-GkXtuvgzQKeOjlfv8rlisqBs3lxsLphMes4GNTJZzbsMdcGcDJH4x7V1s6aXj7Z8mIAkE5

Request Chain 152

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGRqJ0T4Ew9ijlzcDY9tlic&google_cver=1&google_push=AXcoOmR3cUSZsW7G512YqoenxI4CWZOEBMSq3yuRcCSTuX93_RNE-jdug3kRM71pw2fonQGCZwbjA8AY9Uo0_mWqwQHFbwYtLrPI18x0b82LhLelQy1Ha0oXeFzx4JBwnU_eVH3gLF27DbjMBncBptJwVCHn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg4Mzg3NzYwOTYwMzk5ODU0Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRqJ0T4Ew9ijlzcDY9tlic&google_cver=1

Request Chain 155

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL-a6B2dOoVs27JoLfr_vdc&google_cver=1&google_push=AXcoOmRukIuVl9lsy_0r9ta1BS2-k79hVXyNw-xQ3LsdQIj261Jv3rq1hsCTfIV1fHy3c5x9ETqFPUGaQmskeLpTps0lQ9q-NW4WNSoqdSSdqUjmGKivDZLHeWDs48njUYQT-KSwb8xev28uIfsWu3i6BK1p HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL-a6B2dOoVs27JoLfr_vdc&google_cver=1&google_push=AXcoOmRukIuVl9lsy_0r9ta1BS2-k79hVXyNw-xQ3LsdQIj261Jv3rq1hsCTfIV1fHy3c5x9ETqFPUGaQmskeLpTps0lQ9q-NW4WNSoqdSSdqUjmGKivDZLHeWDs48njUYQT-KSwb8xev28uIfsWu3i6BK1p HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU3NDUzMDg1NjMzNjE1Nzc1MA&google_push=AXcoOmRukIuVl9lsy_0r9ta1BS2-k79hVXyNw-xQ3LsdQIj261Jv3rq1hsCTfIV1fHy3c5x9ETqFPUGaQmskeLpTps0lQ9q-NW4WNSoqdSSdqUjmGKivDZLHeWDs48njUYQT-KSwb8xev28uIfsWu3i6BK1p

Request Chain 156

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_cver=1&google_push=AXcoOmRAFuMxjbZpD6egSyszxVW3Kt0YxouxpvALkUEzow5iJXOHTphsi3i8hsDnjblfAXn77CeyPGRYDnRZYACnt7fTxnHIU7P5K0fojmYr15aAEhq3qaDl7LxRsKDPugCUDDgtoaal6GwmeofeslVJzLWK HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRAFuMxjbZpD6egSyszxVW3Kt0YxouxpvALkUEzow5iJXOHTphsi3i8hsDnjblfAXn77CeyPGRYDnRZYACnt7fTxnHIU7P5K0fojmYr15aAEhq3qaDl7LxRsKDPugCUDDgtoaal6GwmeofeslVJzLWK

Request Chain 158

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRy6K9iCr9q41ptIGljwgVDJZfKilLu9qMXooLVmP5Ytp7fPzeQa5hmdN_hVLcOOrzLFsehmIoKnJQdmrYYWYPYrtGsjUJRz-zN74Avj_v_YlCcsm6ha2H0QDYYXJy06NVC1Rw9wxtfL0PCUQZENSpQeA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRy6K9iCr9q41ptIGljwgVDJZfKilLu9qMXooLVmP5Ytp7fPzeQa5hmdN_hVLcOOrzLFsehmIoKnJQdmrYYWYPYrtGsjUJRz-zN74Avj_v_YlCcsm6ha2H0QDYYXJy06NVC1Rw9wxtfL0PCUQZENSpQeA

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPywhh-aYjmeTCeqmwOfgJE&google_cver=1

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEOxFtatrLacey-8WDbunsd4&google_cver=1

Request Chain 168

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM_h5SOFG2WO6KZFqnKGVe8&google_cver=1&google_push=AXcoOmTkI1nnwDhIrmiCb5SfltkKDRgET18e8xQ0NHk3jJPARKJnZ4YPelvBucN7cbhVKUM-i6dXMrcqg8FA2HHGH-anECr4PBu-WRu5KE7cdDdd4FDaVcLkglSnZtkQj-sVdSe_RQDG_uPP0MPhKNl0sHeI HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A4DkflFISVw7f9fUTww-Xw&google_push=AXcoOmTkI1nnwDhIrmiCb5SfltkKDRgET18e8xQ0NHk3jJPARKJnZ4YPelvBucN7cbhVKUM-i6dXMrcqg8FA2HHGH-anECr4PBu-WRu5KE7cdDdd4FDaVcLkglSnZtkQj-sVdSe_RQDG_uPP0MPhKNl0sHeI

Request Chain 171

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_cver=1&google_push=AXcoOmRSU3SgiolP651TD4Uqm8jc-3cXqqm_3lGGDQTq1RYGn2nkRtcVS5qA8jsw7dC2ihwTQ9rV4Ih4wTqEykVRQSJo760oMdD2f9p_I7EA8NJ2tzNos8yfoZOlsiBDTAxk-vahYIdrhmEQG3QAOX7pDq0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRSU3SgiolP651TD4Uqm8jc-3cXqqm_3lGGDQTq1RYGn2nkRtcVS5qA8jsw7dC2ihwTQ9rV4Ih4wTqEykVRQSJo760oMdD2f9p_I7EA8NJ2tzNos8yfoZOlsiBDTAxk-vahYIdrhmEQG3QAOX7pDq0

Request Chain 172

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPo2eh7qZWvBvLsaz2R6HC4&google_cver=1&google_push=AXcoOmQ4ZsAhoRuvburENV_np1COcwLE0lAm7S88XTtO3mcrjeUYrmKujIueVMsit7CYWo51c6tyjuEX1x9lLMkgtGgggiFUHmIhSpHKC0M1-JcfjthkeNXw5_Ua4bWqUj5STZTsS10c0au7hk8MX6jsACIW HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPo2eh7qZWvBvLsaz2R6HC4&google_cver=1&google_push=AXcoOmQ4ZsAhoRuvburENV_np1COcwLE0lAm7S88XTtO3mcrjeUYrmKujIueVMsit7CYWo51c6tyjuEX1x9lLMkgtGgggiFUHmIhSpHKC0M1-JcfjthkeNXw5_Ua4bWqUj5STZTsS10c0au7hk8MX6jsACIW&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ4ZsAhoRuvburENV_np1COcwLE0lAm7S88XTtO3mcrjeUYrmKujIueVMsit7CYWo51c6tyjuEX1x9lLMkgtGgggiFUHmIhSpHKC0M1-JcfjthkeNXw5_Ua4bWqUj5STZTsS10c0au7hk8MX6jsACIW&google_hm=H21WpGZHRJwVYKItSQOQ-hZK

Request Chain 218

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cver=1&google_push=AXcoOmTz75ZmVETnU-NtJ9zYVra4_NnotmwovEw2zLDFWtk4EkU3LmRmamvUaxnJ6O3BPBrBZXIzyA10Dw8B4EaTGXrTWmTJqjoH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGJSWDJ3Z0gxUmdjUHY1&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cver=1&google_push=AXcoOmTz75ZmVETnU-NtJ9zYVra4_NnotmwovEw2zLDFWtk4EkU3LmRmamvUaxnJ6O3BPBrBZXIzyA10Dw8B4EaTGXrTWmTJqjoH

Request Chain 221

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_cver=1&google_push=AXcoOmTZYWc6nWk7iGo2JLn90DSzIeo71nrQG4B6QemS6fmWYamxEb2VSAdm4GZXBw_zv2vEDGpmUpokH9EmhVOn2TxLYB0xHy7W5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmTZYWc6nWk7iGo2JLn90DSzIeo71nrQG4B6QemS6fmWYamxEb2VSAdm4GZXBw_zv2vEDGpmUpokH9EmhVOn2TxLYB0xHy7W5g

Request Chain 222

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMoAKh0fnv3wm3W5A-ICAoQ&google_cver=1&google_push=AXcoOmTIE5tws7xVdM2p0k9UoxdZZvy0-LAjODAU9zzsS4AaOLat6agY3yBNW2AWOhoXDIe91fQSXo12YEhCEeL320qu_NT_bsrKQQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTIE5tws7xVdM2p0k9UoxdZZvy0-LAjODAU9zzsS4AaOLat6agY3yBNW2AWOhoXDIe91fQSXo12YEhCEeL320qu_NT_bsrKQQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1703141209535 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f469cf96-bcfb-4c37-82d8-aaaee8bc7a46-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTIE5tws7xVdM2p0k9UoxdZZvy0-LAjODAU9zzsS4AaOLat6agY3yBNW2AWOhoXDIe91fQSXo12YEhCEeL320qu_NT_bsrKQQ%26google_hm%3DA_Rpz5a8-0w3gtiqrui8ekY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTIE5tws7xVdM2p0k9UoxdZZvy0-LAjODAU9zzsS4AaOLat6agY3yBNW2AWOhoXDIe91fQSXo12YEhCEeL320qu_NT_bsrKQQ&google_hm=A_Rpz5a8-0w3gtiqrui8ekY

Request Chain 273

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMDRubb3n4MDFSmY_Qcd_BIFow;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122107464991488367715X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023122107464991488367715X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218

Request Chain 276

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1703141209_b794a160-9fcc-11ee-8661-22610dd0df18&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 298

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wVoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKu3w7b3n4MDFUaSgwcdP1UGUA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wVoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wVoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703141209_b7b521b0-9fcc-11ee-9488-2234841a3abe

306 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan Show response
www.xgcartoon.com/detail/ 97 KB
20 KB 1240ms
610ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6131dc1f5f4917d39d60cc5a0acdf6cc86983144801036d6a6dfde7e265a1b00

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Dec 2023 06:46:45 GMT
etag: "185c0-2Hx2wRUQtLI9BfquBbcMEeI0Sgs"
expires: Thu, 21 Dec 2023 06:47:45 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 54ms
33ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 06:46:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73141
x-xss-protection: 0
server: sffe
etag: "20620290c9309704"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 06:46:46 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 06:46:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23125
x-xss-protection: 0
server: sffe
etag: "03885caa855825de"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 06:46:46 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 36ms
29ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 06:46:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9459
x-xss-protection: 0
server: sffe
etag: "8a483731af74fd28"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 06:46:46 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 33ms
25ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 06:46:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14979
x-xss-protection: 0
server: sffe
etag: "5c37322451a9f07d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 06:46:46 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 38ms
30ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 06:46:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15383
x-xss-protection: 0
server: sffe
etag: "10ecb1b2e6eeaabe"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 06:46:46 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 33ms
26ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 06:46:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4740
x-xss-protection: 0
server: sffe
etag: "e23d2a0d990fab56"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 06:46:46 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 06:46:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10344
x-xss-protection: 0
server: sffe
etag: "710c75735c511774"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 06:46:46 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Dec 2023 06:46:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
server: sffe
etag: "f62e83b3b94bc414"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 21 Dec 2023 06:46:46 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
469 B 162ms
135ms Image
image/gif 104.20.95.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 838e2b7c9a022c7e-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 316ms
316ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:46 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Thu, 21 Dec 2023 06:49:46 GMT

GET
H2 200 guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan.jpg
static-a.xgcartoon.com/cover/ 169 KB
170 KB 983ms
938ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6f3845be49878afb5314dd5297e48423a4e952b0ad7fc367627de0338d49d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:47 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Sep 2023 01:35:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "86FC2EE28560ED1682496CF88EE9E17C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPN4agqrLqtwn7ha8DGSMb6Va7qYIaFXaRU%2F%2FFoIfnGUFN%2BfzPiIUmhqiN7MzbxpSsPIIrxoobtoUf8qKRzsuRZ36EO1tpR0YeuVQLhU11dj2cSZdwIcKRMbijnVRpBFt4Jm91dym%2Fjw%2BEe3TrWA%2FHmawTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 838e2b7d49d91cc5-FRA
content-length: 173219
expires: Thu, 21 Dec 2023 11:35:43 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 320ms
318ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:46 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Thu, 21 Dec 2023 06:49:46 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 321ms
319ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:46 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Thu, 21 Dec 2023 06:49:46 GMT

GET
H2 200 guangzhimeishaonvjuchangbanhejiriyu-dongtangquan.jpg
static-a.xgcartoon.com/cover/ 91 KB
92 KB 975ms
931ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/guangzhimeishaonvjuchangbanhejiriyu-dongtangquan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8013407130f3d1c34679b5d4a3ca7d56ce95e0a656d501bf0920e8bd8732b6a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:47 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Sep 2023 00:30:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "940062558EBFE44CF53ED01AE9AC1FEA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FbefpOaJxm7MGjQUhBmihaxmjeca%2BZxUs%2FFaYnaGiqXHafvrxg58wPneEfzpLiREKMzFmOV1Frfl2EpbJ3ARc0sqYV3Ojw7vdel1ISr5cyBSpbRTbbapjPJ6HyyUleHiL0hCAVARfGaNHhuhY8swo%2Bhpa7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 838e2b7d49d51cc5-FRA
content-length: 93564
expires: Sat, 23 Dec 2023 05:39:09 GMT

GET
H2 200 youxiwang_di5ji_arc-vyouxiwanghuguang-wuriyu-gaoqiaohexi.jpg
static-a.xgcartoon.com/cover/ 25 KB
26 KB 800ms
756ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/youxiwang_di5ji_arc-vyouxiwanghuguang-wuriyu-gaoqiaohexi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b8fd957271a7089ccbf728bf63e93fd5de3d78b076ad856a91bed46b09d5abf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:47 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 03 Jan 2023 09:34:10 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "9D5579EF044E32A5D2AD4C4FAE6EEBDD"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4snU%2Bg3y%2Fg4ubBpC0FnJ8z%2FfzbfqMnVkHlSFZn8xZrA7JKobFacW1i0nHCZbSf6H2e%2Bt8n7q%2FpVawhsqKskMlCZRKp1SQzbIrtTMHs%2FvH6ppBfi4Lt3RnY4BfdXi1N7%2ByRFZ49fLlGAXcMEOVrcxEv6UQuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 838e2b7d49d21cc5-FRA
content-length: 25636
expires: Sat, 23 Dec 2023 14:05:50 GMT

GET
H2 200 guangzhimeishaonv_shishangtianxinkirakiraguangzhimeishaonv_a_la_modekirakirapretty_cure_a_la_moderiyu-tianzhongren.jpg
static-a.xgcartoon.com/cover/ 95 KB
96 KB 981ms
937ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/guangzhimeishaonv_shishangtianxinkirakiraguangzhimeishaonv_a_la_modekirakirapretty_cure_a_la_moderiyu-tianzhongren.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f9669f86fe28fac80e3a754575893953ce4880b37490c44fb603257ccfd95b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:47 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 00:54:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "44B8FC9869B28AC50168C1C25FE7400B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgrKu%2Blty%2FpBo8Nz27XmhrRoAQh%2FeaOIzccrBY1U6gBAwVGx7Y%2BgSU%2BcpMqJPBAnrLi9l6VCfmc1tgt6CFnYT8Ej1vjpez6hJPNFcfna1IO2IdsA%2F9%2BqRKx6RbhqKW10hzBwCc3%2FDRR%2B5rAQW6qm%2FK8%2FtlM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 838e2b7d49d81cc5-FRA
content-length: 97771
expires: Sat, 23 Dec 2023 07:30:27 GMT

GET
H2 200 xitongbiwozuohuanghou_dongtaimanhua-liuyuexuegongzuoshi.jpg
static-a.xgcartoon.com/cover/ 83 KB
83 KB 1039ms
995ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xitongbiwozuohuanghou_dongtaimanhua-liuyuexuegongzuoshi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac79466527bbddc1f62ebc9439506bf48c8c6f19cfbb8e2bb71541c45e0e032d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:47 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 12:57:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "E81F01E9640F73669094983EFA490030"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiUUOtlon5BPKjzk2M56YsWw6uSyzcrYObTxD92itcAz3AuPinqupNQM2An9vKH62q1xW6NWt3RukHpTHaxyIUoMkSxREQJYgZgXYB4qUeqsWImWUIToKzYmDM%2BdzB3TGuDMjGYwyGsHMdNQ14lnd4s8MF8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 838e2b7d49d41cc5-FRA
content-length: 84563
expires: Fri, 22 Dec 2023 08:48:36 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 8 KB
3 KB 31ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:01 GMT
age: 135045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "a9f93cfafa19b094"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:01 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 237 KB
62 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:24 GMT
age: 135022
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63654
x-xss-protection: 0
server: sffe
etag: "7d5e78ba8c7d5e5d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:24 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 12 KB
4 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Dec 2023 06:27:05 GMT
age: 260381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3942
x-xss-protection: 0
server: sffe
etag: "4694a1430564add5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Dec 2024 06:27:05 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 468ms
445ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=939000403&ga_cid=amp-kGEOsD9Hc3wpXXK9PzBGsA&ga_hid=403&dt=1703141206614&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=153&dtd=6&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69befbbd7edbbc48fba41233380d2227f6172f482a1199954aa54780ea37b208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13674
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CJ-7gLX3n4MDFbSr_Qcd0hQLmg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027453313
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Thu, 21 Dec 2023 06:46:47 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 794ms
770ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=939000403&ga_cid=amp-kGEOsD9Hc3wpXXK9PzBGsA&ga_hid=403&dt=1703141206615&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=154&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e702e0c66a3d934ffabf0136769bf8734e339e799e07f68820c982ca7139326e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 160x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13686
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CIbCgLX3n4MDFX-j_QcdouYBTA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663388
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Thu, 21 Dec 2023 06:46:47 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 632ms
608ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=939000403&ga_cid=amp-kGEOsD9Hc3wpXXK9PzBGsA&ga_hid=403&dt=1703141206615&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=154&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1b43ffe1a70012949f2b15f16605cb84176e01d10617fc3f2a7449ca5bf8166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13698
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CNe3gLX3n4MDFQHBuwgdgRED2g
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663403
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Thu, 21 Dec 2023 06:46:47 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 321ms
299ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=939000403&ga_cid=amp-kGEOsD9Hc3wpXXK9PzBGsA&ga_hid=403&dt=1703141206615&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=154&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3f74aead944972d91365bcdbc06ed9fb304a4f648c87d608f48ae6931140212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x250
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13712
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CMGrgLX3n4MDFfWQ_QcdgN0E4A
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324260112
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Thu, 21 Dec 2023 06:46:46 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 948ms
926ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=1033&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=939000403&ga_cid=amp-kGEOsD9Hc3wpXXK9PzBGsA&ga_hid=403&dt=1703141206615&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=154&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f38449a37277d3230824794b2441f2dbb38afbf1a756e4d00fb277f839f7113a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
x-creativesize: 728x90
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13687
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CNzlgLX3n4MDFS_KuwgdrSoMPg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663415
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Thu, 21 Dec 2023 06:46:47 GMT

GET
H2 200 container.html
61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 61ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/ 2 KB
886 B 7ms
7ms Fetch
application/json 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 06:42:41 GMT
age: 173046
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "e666ca0e175b1b23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 06:42:41 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 324ms
324ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
AMP-Same-Origin: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:47 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Thu, 21 Dec 2023 06:49:47 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 38ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=403&cid=amp-kGEOsD9Hc3wpXXK9PzBGsA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&dr=&dt=%F0%9F%8D%B8%E5%85%89%E4%B9%8B%E7%BE%8E%E5%B0%91%E5%A5%B3%20%E7%AC%AC12%E5%AD%A3%EF%BC%88Go%EF%BC%81PRINCESS%E5%85%89%E4%B9%8B%E7%BE%8E%E5%B0%91%E5%A5%B3%EF%BC%81%EF%BC%89%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1703141208&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9BD9 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:47 GMT
expires: Fri, 20 Dec 2024 06:46:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7DAF 6 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:47 GMT
expires: Fri, 20 Dec 2024 06:46:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B876 6 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:47 GMT
expires: Fri, 20 Dec 2024 06:46:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ADBA 6 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:47 GMT
expires: Fri, 20 Dec 2024 06:46:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A14 6 KB
3 KB 17ms
16ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:47 GMT
expires: Fri, 20 Dec 2024 06:46:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9BD9 24 KB
7 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9BD9 25 KB
10 KB 163ms
140ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a266e4db9933d32c7069e181c13507a6baf6c69981ed67e6bfbd8de26f603a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10283
x-xss-protection: 0
server: cafe
etag: 11473944773076551368
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BD9 203 KB
64 KB 247ms
81ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7DAF 24 KB
6 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7DAF 25 KB
10 KB 162ms
145ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 7950335512591570027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DAF 203 KB
64 KB 247ms
86ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B876 24 KB
6 KB 22ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B876 25 KB
10 KB 156ms
142ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 7950335512591570027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B876 203 KB
65 KB 195ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame ADBA 24 KB
6 KB 26ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame ADBA 25 KB
10 KB 158ms
147ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 8188157995017847591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADBA 203 KB
64 KB 239ms
84ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0A14 24 KB
6 KB 20ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0A14 25 KB
10 KB 157ms
149ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 8188157995017847591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A14 203 KB
64 KB 227ms
74ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9BD9 0
463 B 126ms
122ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKcsNtKVrsy_39PcQTW5id86l6kCXYPkG8KtwsZ7UWhJYATAM4H2gnmdkwuqzg590hKo98AkOb27bV0HA7HvYEV9JJPXk7xJ2gbtqv_cfcyAUInMV63ZD35fARnsfTr_Pr8AbYF6ZLI5p6sWcH-E7na7-6E3E7lTQWDytX_ikMB0Cz03vWWBAH0jJUVK5kq3aYJ68kaOjFQeOpcd8BbTSn5AS9jr9dkFNA-2__WnmDKPl93wyNS0JdkJQ_XNMrdNqQfXzFdba7L2NFxLw1mQmuZOkJ9S1HMC6EQemaudxFB01WeaQmuc6mOcXsJngxGJDn4KB1ZTVp5ncwBSWHGn2M4KwxdthiElFmmWZO1eWWzEP0UOWtGz6kEThhfEkiJ6gRTc5Z3qJzDhvxkwWgbA&sai=AMfl-YRRgv39fbSmqIZVcpKE5C6tiKCkLwzNbmMyZ92Cq7mip60vM1zI81HDD1QLxmjxP_WawPuAS9qoY3vWPZU&sig=Cg0ArKJSzMKb_pJBnc2NEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B876 0
292 B 122ms
121ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssY5CABwMw_eYbPbzl4d5vfHNs0RbvvkoL4Jv-6MSa_h10APjOv_KuD80OiF5IpgnPEMYhmAPeCvD7T5X3BbCsOX_4AP8N2Xh0PAzg7xY5Vdy53bvGIIGHbuka4cFhzjtVScMfScfHM28cqE9jdHMI3N8Fn8hENozuydZK9-LcfmXziam5FCkkvDuV_QIYIWa9dXQygngqvqru_ILP9lux-389V0lOQxLY5SJrmsNNJtgp9R3K_SdiRiQJ424Wh_kKUGeaAfhbARdB-4Nyth861OclMwHHsUjRRW3sS0CTodDINJFgWgxCOF_G0zeBVK2cMimtQvLnP9vAKEYFwKkvFg9zgP396vvNzi4QPMzc5jsl53b3SKINjln4SC6jUF-7XpPLfVBax73SKy8kF&sai=AMfl-YROzOwnlmaHyXv0fV49tMSmOVUwb16y7TPEff7nTd5JJd_P68QLgk3Evk643sjfnFPRPInwAsauHhpqu-E&sig=Cg0ArKJSzJ5BGZ8avB2ZEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7DAF 0
292 B 157ms
157ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAiafUsGNf50mLkoFs-QHgi00NVpAl41YWBIfAJJ9kJX8bWA2y05o7aYkWi25Ne2j8mAI6OCgKsE9y9Tv9_UzKM1ojk5SJyjzfYugPNQJuFqv0PtSRCVxVKHkZ1NFiSzzVr7q_UpZ5WcnFWRxAjLBYNqkVHPFBpMou3avYy_YWKhKm6tJw69kFLeKHnF3sWhEF_vhovvlTncA2AeJhVVuDS2afh1d8Tgbt31otd3nNenKh-UyHYWd1VHNmECZgOhh5XD6m7hRJghr9xtxTrpXSZpnxY7fvv1gPVQ4QhFCw363jOOcq41XXN1YS6EXaTvJ-9jZsywwdDPc775oGGEesNfeB_g9eRmLhQskKV2gun0JMionNFQNSXWUMZ-HbI3j_C3V-TRTCbSPFlTAEYg&sai=AMfl-YQ6fzeREZ8R4KjVIxdQLYmfKOYuLXakniuu8SsU_ftV3K6QG3Hlemwj2U_5lwSg8WGbTDiOIgG5xCPpPLk&sig=Cg0ArKJSzCp42TpsZTd5EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A14 0
294 B 155ms
155ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvX9gF6NFTEbRHiMEBSPPYadcqNBIB6UdNH_KdoZgelNRfwAq7oN3HtoPBqUfu-lCgGCVZJlzHpZAFvXzVu1fg1l-xEnokPYEnL1ZaMaWk4EvfshJHs7jS-dL-58vrLlQz9SM6VLRh2cfEpl423556lfuus2dfDeJfXENglFfUyFAwApG1VARS2x6EbnlbBkae4_3B2vlUXegv8PGclVGYVl8aNMmwBEHXkQg4_XShLe517VqcCIImRmIr-owI7Qk85CdF4cQ-dUp87nCj4UwI1NfCcIRQUZb3vnLemJ4jD4em5YUrPk-CL76IeYLl19ND6yO7otojK67IvJqsKOcO__HmemhaIuurSWSf3oJWwh-tHSwevTKj5ggPt8CvdsPI5jvgcLZ4WcrNxvaW5A&sai=AMfl-YQtulo61PiMn2gEr5_CEDOnsK1z0oLFRlBxuI7EwBa3rQf4o5jjdkjRL6trKeFiGDuZ7KUGAw23J50VxJo&sig=Cg0ArKJSzDPnRAw9UMQzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame ADBA 0
293 B 154ms
154ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurBCXMlRA5qWhQWzeOr8ytqNMFqmiM1Pt-ww0UTXGAxBS7Lxxq-G_qOazRE7bfzW3F9dGTahOptRYcyeJBiXuHfipPi4Bf4T0VZCABN0DuzpUjjBt5Hdy7exY8ZGC65SUlqmiXo0xD-3veCLtNR7mUuii0QY3Julz_4xQENGRkCVIh5Jdmh_fFJfYArpJODyXDIt8V9LuqWoaNpTsLr3subye-BjovJoRVZFUq61pOGyYm4YZl70MC3nr_K7jvvtqOP1o6kSVVVfhVgN5tpd1uCzgkFHtSOtMGLTEKJZ2AVIgb9I3tgRdRvifZ4jxSRy16bd86q2-xYq2J2F-a1vv6v9Erw5mQbmqrnCy-2gCkNqzwaVxeeGBK7eubCNrLwkQYKyWRhkqC6gX4EJHI&sai=AMfl-YRgCnwP-_t7t_hg7TpIC-GZrDKYcC8afM799OwiyWHAvEfgEErvExd1tJAOLUEf6ioajtSriZm3jTx7poE&sig=Cg0ArKJSzP2uINkXpX9uEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
URL: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9BD9 145 KB
50 KB 67ms
64ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f7d32ce355726ba5972fc40b122bc2aef527aac97f6e739857c0a5660046e4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51247
x-xss-protection: 0
server: cafe
etag: 8968547380931218386
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7DAF 145 KB
50 KB 190ms
190ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d27132ef28c04d5cea0fb140fd574c18ccd4d7dfb02a2621bcb8b356fb6617d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51251
x-xss-protection: 0
server: cafe
etag: 4237588189122660007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B876 145 KB
50 KB 157ms
157ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8af31df5e0185c8210ea1ea3d6adba4902eee75f92b57cfd4b8aff1061ab581f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51251
x-xss-protection: 0
server: cafe
etag: 15930574062013867381
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0A14 145 KB
50 KB 158ms
157ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ca7f8ca7e3e8534d9e9e2f3edcd3170ca882e1295ff9940e443b7648a2efb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51250
x-xss-protection: 0
server: cafe
etag: 3420957690257036973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame ADBA 145 KB
50 KB 154ms
154ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe2841f32d2fb0e3c1cb4b1517e5be596ceff8cfcdaedd446c0e7822fda9e102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51251
x-xss-protection: 0
server: cafe
etag: 16310638855752357025
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 9BD9 399 KB
135 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3654fdc8bbe4f55644ae047081eda8ce9e5532dedfb86df23519fb6e7b5419e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137962
x-xss-protection: 0
server: cafe
etag: 15976714756569914186
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 5A51 9 KB
4 KB 27ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Wed, 03 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame ADBA 399 KB
135 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cc4300a9fffaf77f0abe572bc905ccd085437d5f6511057f2078caecace10ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137955
x-xss-protection: 0
server: cafe
etag: 16351662608342944986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 0A14 399 KB
135 KB 124ms
124ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48996e74bebf44867bdf2ad3fc3a2fd7a9f7f7b9317e6a652f8e6191cfef90e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137965
x-xss-protection: 0
server: cafe
etag: 3206125949629391187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame B876 399 KB
135 KB 168ms
168ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3054c8545e93da11f2f9c22b6893e8b1abfd05849b321456b04d67cb010f98ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137962
x-xss-protection: 0
server: cafe
etag: 17789769992127569371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
DATA 200
OK truncated
/ Frame 9BD9 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb39cececc3386d8637d37d17148f5c932709a977429d2fd361500897ffb4cca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7DAF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba7be9e0508d94cc1b2a37d900b3f40b9043b85772060ca5123d8ae69ea3c661

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0A14 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f8a1c2074dce48c62d8c2da4df014c0784f22797150f693b5d5fe37772e7614

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 7DAF 399 KB
135 KB 164ms
164ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cc4300a9fffaf77f0abe572bc905ccd085437d5f6511057f2078caecace10ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137955
x-xss-protection: 0
server: cafe
etag: 16351662608342944986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:48 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F8DB 112 KB
47 KB 428ms
428ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208184&bpp=199&bdt=175&idt=358&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2909654689&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079980%2C31080114%2C95320869%2C95320885&oid=2&pvsid=224282422352283&tmod=271731011&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bcxmrq3fhox3&fsb=1&dtd=365

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f244a67ea33b20fd32f485650e80138dd647b02fc7755f3cd2616860c9271b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 47756
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7A7 39 KB
16 KB 400ms
400ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208196&bpp=268&bdt=177&idt=428&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44807406%2C95320868%2C95320884&oid=2&pvsid=3211755927192484&tmod=1766228811&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uotmlotl2te&fsb=1&dtd=436

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e0e42f83d42a3953cdbdeccb1bb4e0b54a8d55bc72fa39ad586efbfad7764fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16739
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 708A 112 KB
47 KB 452ms
452ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c3ebe6c01127f757dcdf849f6d815c373c69aa4ad8900b42e8e6924d43b447f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 47649
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE64 47 KB
17 KB 387ms
387ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208191&bpp=298&bdt=172&idt=560&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C95320868%2C95320885&oid=2&pvsid=2764356450645395&tmod=1193849312&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.31n52mj8brns&fsb=1&dtd=569

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd8a8ddcbb2f3273c1c055c1dec46bebd1cbc3c062ffce9749a5c14d15ad21f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17448
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40C2 48 KB
17 KB 520ms
519ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b34b46043cd31ffccf48197da9e9d48d9b64b53bb9d0979659d1969ae27b9e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17443
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F8DB 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOaMJsc3UnmvRCLf5AQASacz7Y0du5XbiWca7ST-njziZ-qEQOD-ntbfVqaeblQmnCc9jGfmmJ4mdMF94tzW-vfSQn6aUMnjI39CJ8yj56kHioN70

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208184&bpp=199&bdt=175&idt=358&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2909654689&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079980%2C31080114%2C95320869%2C95320885&oid=2&pvsid=224282422352283&tmod=271731011&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bcxmrq3fhox3&fsb=1&dtd=365

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6433 624 B
242 B 47ms
47ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_4To4gEwAQ&v=APEucNXEKWnxP6UVWEq2fiq83swx3ltgbiMUtJ_pQd0RLpbVpRUpmaOe0Oceh14J0oufyJuQB9pCelDFt3-y3qkB9BbxNSHEgFNY_W6LrQDocuLHXpbs8MEkTJhulxDjIUjmWh2Dk2gJe2zQa341VP2sH-zNPaAXIEvLcVl1eatWUD9UCKZ27ow

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208184&bpp=199&bdt=175&idt=358&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2909654689&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079980%2C31080114%2C95320869%2C95320885&oid=2&pvsid=224282422352283&tmod=271731011&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bcxmrq3fhox3&fsb=1&dtd=365
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F8DB 172 KB
61 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame F8DB 7 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 02:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 02:43:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame F8DB 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 20:43:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F8DB 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 477701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 18:05:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F8DB 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 13:41:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8C68 1 KB
643 B 9ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Thu, 21 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame F8DB 20 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F8DB 0
0 38ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTgw7Su4P3QVw-uO4MIuMyZsWq3FruFNoKOcmKEBuT5VR1_pwcn8S_t0gbr37rtG_Kr4Xbu0Vp7prOlFiE6jhMzed0Xw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208184&bpp=199&bdt=175&idt=358&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2909654689&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079980%2C31080114%2C95320869%2C95320885&oid=2&pvsid=224282422352283&tmod=271731011&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bcxmrq3fhox3&fsb=1&dtd=365
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8DB 203 KB
64 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1877 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 164002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F8DB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc0bdf644670b96e7be39e875374c3a5303f904205e2109800d3e8f5c7c2b2ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C68
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJzR3EFOa72JGI5z0c-nUCM&google_push=AXcoOmQr6Wzk4Unbvd-UBM0Xbdi4LYGgj31zMFdoMFv_OSUaVU6hL0v2lM...

170 B
188 B

16ms
16ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJzR3EFOa72JGI5z0c-nUCM&google_push=AXcoOmQr6Wzk4Unbvd-UBM0Xbdi4LYGgj31zMFdoMFv_OSUaVU6hL0v2lMWTqvHGjCOHzOG_ktfZw_dCSUue10ADjAeN8i97vMvV-YV4gbcGXZCtDSB4d98GBMX_6sVoZ1tCZPiRLlfB9trBF0fg5OGPOtMB

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220069-FRA
pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1703141209.052966,VS0,VE88
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEJzR3EFOa72JGI5z0c-nUCM&google_push=AXcoOmQr6Wzk4Unbvd-UBM0Xbdi4LYGgj31zMFdoMFv_OSUaVU6hL0v2lMWTqvHGjCOHzOG_ktfZw_dCSUue10ADjAeN8i97vMvV-YV4gbcGXZCtDSB4d98GBMX_6sVoZ1tCZPiRLlfB9trBF0fg5OGPOtMB
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8C68 0
187 B 60ms
16ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFe7t3u4OD2Uvu6Z8oQYsz4&google_cver=1&google_push=AXcoOmQ7LiJBeooEG_uevABKePPiRKvvM76zwsmfkuZZg7bvGcJgc3QM-ESGP4vAPkOPYD392WEusfe88GAQNsF2O5RTMeUfLh66LID56loBdwagAtxfdLcMTc5-Wsp3zv-JrSrZDDo3j6TRXCnAKMpb6z0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208184&bpp=199&bdt=175&idt=358&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2909654689&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079980%2C31080114%2C95320869%2C95320885&oid=2&pvsid=224282422352283&tmod=271731011&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bcxmrq3fhox3&fsb=1&dtd=365
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8C68
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM_h5SOFG2WO6KZFqnKGVe8&google_cver=1&google_push=AXcoOmQJPMWoSb8i59sPWPFISutSwSVM-E4esLcNUnPSWAjs_h0Wq6xBWc3DkyrwP5Lsh3tqf7fYUfajWtrN20E2...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A4DkflFISVw7f9fUTww-Xw&google_push=AXcoOmQJPMWoSb8i59sPWPFISutSwSVM-E4esLcNUnPSWAjs_h0Wq6xBWc3DkyrwP5Lsh3tqf7fYUfajWtrN20E2-zxxduM8c1OJSaU...

170 B
232 B

18ms
18ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A4DkflFISVw7f9fUTww-Xw&google_push=AXcoOmQJPMWoSb8i59sPWPFISutSwSVM-E4esLcNUnPSWAjs_h0Wq6xBWc3DkyrwP5Lsh3tqf7fYUfajWtrN20E2-zxxduM8c1OJSaU3mvUhwezN3uGS8jWh8wF7Th80MgH9AGY-NG4sDGr-A59fSR0JQkfQ

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Dec 2023 06:46:49 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A4DkflFISVw7f9fUTww-Xw&google_push=AXcoOmQJPMWoSb8i59sPWPFISutSwSVM-E4esLcNUnPSWAjs_h0Wq6xBWc3DkyrwP5Lsh3tqf7fYUfajWtrN20E2-zxxduM8c1OJSaU3mvUhwezN3uGS8jWh8wF7Th80MgH9AGY-NG4sDGr-A59fSR0JQkfQ
x-host: tde-deliveryengine-production-784bc7b8df-qq4c7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 8C68 0
237 B 83ms
33ms Image
text/plain 2600:9000:2453:ae00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELIIXVp99qI8FQFMNy-w9wg&google_cver=1&google_push=AXcoOmQaJy6LnGdDwytDuuwzzGm9RmZq5-RBRgdDHCe2CTwD3BX1TS47nWe-WjTYAPTTyLUXAWZca08gM6Oj848CpMvCXck2iIQ5CAqn4ULtkgD59gZDWpGr1vXCx9yDXvrgu-OJEoltLSM8JaHMFyCVHYay
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208184&bpp=199&bdt=175&idt=358&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2909654689&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079980%2C31080114%2C95320869%2C95320885&oid=2&pvsid=224282422352283&tmod=271731011&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bcxmrq3fhox3&fsb=1&dtd=365
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2453:ae00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: no-cache, must-revalidate
via: 1.1 71b26382155ee54bc1b92cacc095ce82.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: HAM50-P1
x-amz-cf-id: CguKg6MaATBPT1x0-PqJ_-zsxx-OdvfHaQxXRXEmOWqDN_81p3DMJQ==
x-cache: Miss from cloudfront

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8C68
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAx4cUdl34UUlqIoWN6gecM&google_cver=1&google_push=AXcoOmT6ydUere5keRoQrA186uXU864HSX0UMhGc31npnD5GGPOSIWfMh6C0MBfeaFi1D2Wfh8vD-7abzWU3...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT6ydUere5keRoQrA186uXU864HSX0UMhGc31npnD5GGPOSIWfMh6C0MBfeaFi1D2Wfh8vD-7abzWU3ZSL6GY0Xi97Ht7q9iKN6Tu6dc92ZF8zQ7sIY...

170 B
243 B

21ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT6ydUere5keRoQrA186uXU864HSX0UMhGc31npnD5GGPOSIWfMh6C0MBfeaFi1D2Wfh8vD-7abzWU3ZSL6GY0Xi97Ht7q9iKN6Tu6dc92ZF8zQ7sIY3EmbkXUvhn3Lbo3LlR-W09sOhupoTamRpXBa

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT6ydUere5keRoQrA186uXU864HSX0UMhGc31npnD5GGPOSIWfMh6C0MBfeaFi1D2Wfh8vD-7abzWU3ZSL6GY0Xi97Ht7q9iKN6Tu6dc92ZF8zQ7sIY3EmbkXUvhn3Lbo3LlR-W09sOhupoTamRpXBa
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 8C68 43 B
146 B 29ms
8ms Image
image/gif 35.156.190.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHwiWbGF-iQ2JbNm1E9KdGE&google_cver=1&google_push=AXcoOmRy6pMmD_EHOLuJ3BHc9KFbpM-yTzFLo8EJTBSfe3k6CIWonMgpk_QyUFNVcDBsV79DnAdYfyXP0qFXCxmpxPqjgO9gpWb63HyJ3hyuoGA9-MwenfVNm_ICUvCtv9zacK-jvNL8xPD6FVfp6lpg72blTA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208184&bpp=199&bdt=175&idt=358&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2909654689&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079980%2C31080114%2C95320869%2C95320885&oid=2&pvsid=224282422352283&tmod=271731011&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bcxmrq3fhox3&fsb=1&dtd=365
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8C68
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=35bb907b-32e3-4a04-8de3-cdb8f88d5bb3&google_cver=1&google_gid=CAESECYPtj4PnQ7PEX5-IQdqYwI&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
232 B

16ms
16ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=35bb907b-32e3-4a04-8de3-cdb8f88d5bb3&google_cver=1&google_gid=CAESECYPtj4PnQ7PEX5-IQdqYwI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQsntO5AuntCwXcTtHCLv5UQ9BloNICp2ddZnqO7hUNAV4MyiHua1vXyqfJGHwzqpMDi1HOb4NVk-EumT_yVU4HBoOHS_TABH6P_zk38TlYb3N1HCMuGDRVyYqvHguIjA0Da1xr0SF_aSDl02inTUg9FQ&gdpr=${GDPR}

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=35bb907b-32e3-4a04-8de3-cdb8f88d5bb3&google_cver=1&google_gid=CAESECYPtj4PnQ7PEX5-IQdqYwI&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQsntO5AuntCwXcTtHCLv5UQ9BloNICp2ddZnqO7hUNAV4MyiHua1vXyqfJGHwzqpMDi1HOb4NVk-EumT_yVU4HBoOHS_TABH6P_zk38TlYb3N1HCMuGDRVyYqvHguIjA0Da1xr0SF_aSDl02inTUg9FQ&gdpr=${GDPR}
date: Thu, 21 Dec 2023 06:46:49 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8C68 0
139 B 50ms
14ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgBZ9dKjspPB29PXPzTUuWeul2pkaFWfynhW_b8lrURPe8VfBvHKdwWAijl1ty5mzi0splSLw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C7A7 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208196&bpp=268&bdt=177&idt=428&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44807406%2C95320868%2C95320884&oid=2&pvsid=3211755927192484&tmod=1766228811&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uotmlotl2te&fsb=1&dtd=436

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 13:41:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C7A7 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C7A7 0
0 15ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPZzYSKE4QvXyJJAlsZxsp8gdRPlQSe3UPn4WLsj904-Qr9MTJwC5HOyoxp_m8tiAWWsMLkIoij6iGQFxfgP7WtUO9EQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208196&bpp=268&bdt=177&idt=428&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44807406%2C95320868%2C95320884&oid=2&pvsid=3211755927192484&tmod=1766228811&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uotmlotl2te&fsb=1&dtd=436
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7A7 203 KB
64 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6433
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5IFLyejO_vjiXhAuhJkcA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5IFLyejO_vjiXhAuhJkcA&google_cver=1&C=1

43 B
737 B

32ms
32ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5IFLyejO_vjiXhAuhJkcA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_4To4gEwAQ&v=APEucNXEKWnxP6UVWEq2fiq83swx3ltgbiMUtJ_pQd0RLpbVpRUpmaOe0Oceh14J0oufyJuQB9pCelDFt3-y3qkB9BbxNSHEgFNY_W6LrQDocuLHXpbs8MEkTJhulxDjIUjmWh2Dk2gJe2zQa341VP2sH-zNPaAXIEvLcVl1eatWUD9UCKZ27ow
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuBx%2BYeMHP57b6jvAr%2ByIrhn%2FpM3OaGCEU6Wre%2Bv64hpYJ72h86%2B0B0CyvqMiDrUDeLLVXQ1PKvs3q972NdquzUDaKon2oYL2A0NBg49vqR8lrFAUMgMHU%2FiYvVsHgNERuKqAkOAyNpiTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838e2b8cfa7c30e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uo%2FTffucuQBAlJ2iMesnFVoZPjtLmXBF5QNUebp9RWv%2FwdWr4H5ugIlSf58nLDg7BLoB7jdQMlg6WmFnd%2BfeigJ8zeghMA%2FxZBqPRe8D8G9esTkZOuO6xh3TocUXMHPmSQrAXDhkalVAMg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEL5IFLyejO_vjiXhAuhJkcA&google_cver=1&C=1
cache-control: no-cache
cf-ray: 838e2b8ccf2d65ac-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6433
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYPfWdyuDfYx9JedtfLNlAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5IFLyejO_vjiXhAuhJkcA&google_cver=1

43 B
736 B

22ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5IFLyejO_vjiXhAuhJkcA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_4To4gEwAQ&v=APEucNXEKWnxP6UVWEq2fiq83swx3ltgbiMUtJ_pQd0RLpbVpRUpmaOe0Oceh14J0oufyJuQB9pCelDFt3-y3qkB9BbxNSHEgFNY_W6LrQDocuLHXpbs8MEkTJhulxDjIUjmWh2Dk2gJe2zQa341VP2sH-zNPaAXIEvLcVl1eatWUD9UCKZ27ow
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZcs60unFs00RFoWdGW%2By%2Bs81H3WbeGagRE0H%2BEM8sQCkpKpo4RkBTK%2F46O7OizOgC0YKsyq1vjyF0wtBrkljXZaxfw7MC2RB9p%2FCkzp3ozkzapEv38k2GAvNWSfC1dC%2FhM1ZweC9xGl9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838e2b8d2a9c30e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5IFLyejO_vjiXhAuhJkcA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 6433
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBMLqQck7kQ0853rm-id9hM&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBMLqQck7kQ0853rm-id9hM%26google_cver%3D1

43 B
895 B

6ms
6ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBMLqQck7kQ0853rm-id9hM%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_4To4gEwAQ&v=APEucNXEKWnxP6UVWEq2fiq83swx3ltgbiMUtJ_pQd0RLpbVpRUpmaOe0Oceh14J0oufyJuQB9pCelDFt3-y3qkB9BbxNSHEgFNY_W6LrQDocuLHXpbs8MEkTJhulxDjIUjmWh2Dk2gJe2zQa341VP2sH-zNPaAXIEvLcVl1eatWUD9UCKZ27ow

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
an-x-request-uuid: c6502b61-a2b1-4640-8af1-548d345719f5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.196; 80.255.10.196; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
an-x-request-uuid: c3a6951b-b7e6-4f04-b171-a14203f6a86b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBMLqQck7kQ0853rm-id9hM%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.196; 80.255.10.196; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6433
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D

170 B
188 B

18ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
an-x-request-uuid: 53b55477-c948-4c3a-9179-f34c34b86fb2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D
x-proxy-origin: 80.255.10.196; 80.255.10.196; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 41BA 2 KB
3 KB 66ms
31ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gkkknac84h3pnth786hnfzkn5dyszx60c5vr1vhr697tsn7zmzqp5vhewvds2f0njcwn36v72zks5616czkgt8gtq075sfwc39vzcaevycmpcv9n39888j4zrkxe2nv9yng4twvk1hsnmqa85gzdsr5yzex5p83wdfe15teykg5w85c78jdeh752wyhjfh4sm7bjk4sb95db41sajcf5g497x4vkqh4232p5e91vjwh4kmr0dbg067btkw3dnx18r1pfxjpteahk8cd110n7kc5fsazdgna8qzdbx21r51ejf8e8kejk3w8kb9j8kv7xqgyz4xkvk66bnabgnq4sjcsymzy7khch943yfk9dtv3p17heafndsccshgksnp7qwzmhacesgcdqt7kgs6619h6hbhsavm4as3mxvm2wn3haa6fzdyrz0y00z3tpvyzpqfptnyydc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6210315aa01f9c72b1af3dc677061ea0c28081d861251e65b7d318a41cbbab1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 838e2b8ccafc18e4-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F06B 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Thu, 21 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15415463092317913147/ Frame 3CF5 1 KB
768 B 29ms
15ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: Fri, 20 Dec 2024 06:46:49 GMT
last-modified: Thu, 27 Apr 2023 13:50:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F8DB 0
0 79ms
51ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvRmmFaWKKpuGIqhwrIWRIcop-Vibs4MufzYQYQdnMftA_1spIHbG56foiO84AFVgIwb9zFUQy3NHkrT_u0SS50hyQsZbuLLjP2H5mRcWyW_tn1aUT7hLWG8FGWVhWYfvLPMrAZto_RF04VziJ2GT-d6ej8pZo3EnbmOjbm4pZWN0LPsjOdCt79EfRgDaU4Re8FTg2xI_qOAyVekqAiaMNz62CRIDJnI_4hg-unnCQIPN8XliKh2M6sW78E8e7rBvlHOY3t0ytxnOC890vFfx-CUcJUCqfWV8nZ8rJN9qh1EG_NKb9mkANIbV122qrUlhJswrTGmTSBt5g7ynaDtcJ25GVAF25-GpsUxonvvrQlIYSg8ejmpOi9vVow_KLsVqcmAa2PZ5P1t0iB3qLVMADV_oeBQPE5EealYjSkGKvrtqbkT9rHUS6PBFWASfihNbGlJ5MmQyQ8BraLPOIdKD2FvHAzqNHQX_G7nmEg8bqOpsRHrB_aFuBwKCtE-UeTk0AoI_fZch1C6efuiQbPjhlTbptJn4dvxaMKJtu3xGjWGMcNRSYSNJcmRxRW_3xT1OOiK5IphCVrU4EQRqLZsS8DWjlDFEYb6DPcRMWm5aZxKzP5hLJVlLUjU8MBZasLWPg0vll7nXmTQRxJIxPoZdMpw4zRdKu-Swfbc9KGK_m1sK3pfNz0E_lZ9nzRIcfGUm21CVqsBl4mBIUAPfFkP6T3dkP3D51oxDJtsBkDc9sCVtvwYQ3_QKcIm_38-GbgGzMsbcHtwYDorjy-WDY1pkerKgKzlMCf_0H-Li9WLnyilAz8C9hlj4rV50fsc97zTzRq1IrCO47uDR5WWgqpbFlnuaCFCTKCuI1HL892xQlGnYSFATzJx8f__yPLjQFjWlcSz67uPTPeYIZIq1wrA2nNRhstluxUFptGchkZPL-EJ_4ppWTHZw9UoRTbzdmACWnVj9IVd2LXh5OFlFB50Mr5AExOe6yI8Noc3oH-AB8fNb8xW_ywZskP_AIgjGvS1u-VtK4riBX7DSXSBvZ6PpBIudYZo3PYiFUtF6S7Rxm_B4Bm5T6HjsgKzSZri0UBSubTGfRc13c09FHbCvcYnnNtU14nF2Igdq19433a08mBP_EFjrWP1o0KSfTYe3ZeSWSlMQlgxW3eSbOLbWAg0QMO3bW6Oyc5vnTWPXQyc6UBlYFjy_QfgsKXWSlVeM28bHFIVqc-_TVa1TxzeRqAl8aLgQ2T6jwAbfhGZ2Th2Gmi-txAQ3y-UZlpyG9IEiwCwDwe5d9NOfts3VSJQaO9yMJhbp60_xDtEVwPK3wplqTG5C0lw1W9UzyeuAwsEqn02XL6IVK7yuoGw2dCLSe0pJko5OTj2qZ9y1RMt4I_-kRmuyyww9_6rZ9NPwpVfr9kJEWrH9LLoBgEreNkWGtYgIfF66gaYfkwKhOkNUniVghG3w&sai=AMfl-YQsEB8IEjA3lgV7TbP5uSSsFNMjD2AFc0LSPi-Aj5kn5G4ZXmHqUmEMb-7iO8bdjUuIjpsgZdQCqaBe3g02K9e7f3gBtX02TWIRiIZe_IP6Ww3q6RMH5T_9C9M7A_h2vt1ZwoEZSqS29qxMMLPhuq_uaFfaNGGUZD_mMrhbjvulyOnJOUCSn-8kjp-eKwxmhD3E8OaLRYPdi9ugh25dmC-_Oiwx_46i5wlZiJvmIIgKqWHByTFat_Kik5f4cAgysCV198E8MHTCeqc0o4UwYcaP4Ja-UnV0ek-zKwFgZPfwz2NmqDNy9ZAAyqtcmbvG0nri1Zf0XhOCeQ&sig=Cg0ArKJSzHXOJ9-4bYXdEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=61&cbvp=1&cstd=56&cisv=r20231207.31976&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame F8DB 43 B
1 KB 75ms
23ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=361577814&gdpr_consent=&gdpr=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 21 Dec 2023 06:46:48 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Do, 21 Dez 2023 06:46:49 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1877 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F06B
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGJSWDJ3Z0gxUmdjUHY1&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cver=1&google_push=AXcoOmQnpXkX0evWbnEiHlyMOYi-7-P9kYJ1jnG9yQEtxjJ...

170 B
188 B

20ms
20ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGJSWDJ3Z0gxUmdjUHY1&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cver=1&google_push=AXcoOmQnpXkX0evWbnEiHlyMOYi-7-P9kYJ1jnG9yQEtxjJmN1Ga67XrGQE2Ju7uLtsJah75Pf4GY7oALZiMutPiNIQq8U7LmW5eWeFV8qW2JjUHDoXR7V-ucTiEnC8LU0SmiiskXbygTEHOM4_lrbVR1-_H

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 06:46:48 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGJSWDJ3Z0gxUmdjUHY1&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cver=1&google_push=AXcoOmQnpXkX0evWbnEiHlyMOYi-7-P9kYJ1jnG9yQEtxjJmN1Ga67XrGQE2Ju7uLtsJah75Pf4GY7oALZiMutPiNIQq8U7LmW5eWeFV8qW2JjUHDoXR7V-ucTiEnC8LU0SmiiskXbygTEHOM4_lrbVR1-_H
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame F06B 43 B
363 B 46ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRbatUONXIiZt2SH0GnuCOwWUkboHRICsghtYHaOyNMFMXYij-Jc4OB9cDd83_OODx0T_NIgHvheN25xuxfV-M5NQEnvza2W63-foC9P-c_jpEyk6vYGYHdusPVdx8K062IkE0DUscFcnBHgaavPIOF&google_gid=CAESEJHfTfibqNzDOtSc7-lhFj0&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:48 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 276938
expires: Thu, 21 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F06B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRVexZHRmwsQxi2yxmjREcE8bqLCd6wg...

170 B
188 B

17ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRVexZHRmwsQxi2yxmjREcE8bqLCd6wgpb9bvGiRwjjMCUqDTFtYDqNfw3HdkrdETtkCOie-_FiCbsMMl6cdDWjE_T6dTxmdbS5g8f87hEzPo-_Z5uVm7w-co4uftKkVPKl5BoZjLu9GCmjaH4lLooK

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GW98NXUv7dU9qzKoWOvMcT1U%2FUOBxXCxW1j0bdOFYRJssnEKDH4CS2YnC5fezbS3IolpxCqsgbgbgKShXi4hsc5vZq9Ips4o%2FzpsGQpOWYHh2CarYOjyfdZ9OXTMk5UFpKWlisXFyuf5xg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRVexZHRmwsQxi2yxmjREcE8bqLCd6wgpb9bvGiRwjjMCUqDTFtYDqNfw3HdkrdETtkCOie-_FiCbsMMl6cdDWjE_T6dTxmdbS5g8f87hEzPo-_Z5uVm7w-co4uftKkVPKl5BoZjLu9GCmjaH4lLooK
cache-control: no-cache
cf-ray: 838e2b8cfa7d30e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame F06B 43 B
199 B 98ms
29ms Image
image/gif 52.48.74.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEA8TanoAP__kskNNOOsGog0&google_cver=1&google_push=AXcoOmToGc4jB5NI1sZMWzYjsmRQGuN1kerorN7fgb2Qa7hr5E6pN6IP1i8VxGuiTxWEzvLLcZkZw-HjKge1nP6GjX_F2lqNxUGkmVvDtm232Nu1vtizilnPM9jEg5Oj9GVtyB0Qp4vWKGDoDln8xbmPJes
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208196&bpp=268&bdt=177&idt=428&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44807406%2C95320868%2C95320884&oid=2&pvsid=3211755927192484&tmod=1766228811&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uotmlotl2te&fsb=1&dtd=436
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.48.74.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-74-137.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Dec 2023 06:46:49 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F06B
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAKXG3mql94W3cDi5yHU6ng&google_cver=1&google_push=AXcoOmSXQbONTz9B26O28EwKRbQdcAfXS8UTnnkUHTLIpCFWEt4VYm5Feh5DAS6ZPc_Fr-B_X7BR8E8ynCoFrYONXtiwUY1vGT...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSXQbONTz9B26O28EwKRbQdcAfXS8UTnnkUHTLIpCFWEt4VYm5Feh5DAS6ZPc_Fr-B_X7BR8E8ynCoFrYONXtiwUY1vGTe...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyMzkxOTczMDEwMjM5MDM5NjM0MQ%3D%3D&google_push=AXcoOmSXQbONTz9B26O28EwKRbQdcAfXS8UTnnkUHTLIpCFWEt4VYm5F...

170 B
188 B

18ms
18ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyMzkxOTczMDEwMjM5MDM5NjM0MQ%3D%3D&google_push=AXcoOmSXQbONTz9B26O28EwKRbQdcAfXS8UTnnkUHTLIpCFWEt4VYm5Feh5DAS6ZPc_Fr-B_X7BR8E8ynCoFrYONXtiwUY1vGTe8ne8F3lEBG2mYcXReSfG4sWN6YuxFemeF4kaf7KNjIRXuI9Hi64NwJDbA

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQyMzkxOTczMDEwMjM5MDM5NjM0MQ%3D%3D&google_push=AXcoOmSXQbONTz9B26O28EwKRbQdcAfXS8UTnnkUHTLIpCFWEt4VYm5Feh5DAS6ZPc_Fr-B_X7BR8E8ynCoFrYONXtiwUY1vGTe8ne8F3lEBG2mYcXReSfG4sWN6YuxFemeF4kaf7KNjIRXuI9Hi64NwJDbA
date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame F06B
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAx4cUdl34UUlqIoWN6gecM&google_cver=1&google_push=AXcoOmSBK_rOpLLLmvXdTV5PpsDC8tJLWEuIfNF4g0W-KHue9Q7m8NZckUAoMC0YBH7lBvO0jCjhVqi4ZRz...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSBK_rOpLLLmvXdTV5PpsDC8tJLWEuIfNF4g0W-KHue9Q7m8NZckUAoMC0YBH7lBvO0jCjhVqi4ZRzr8XbUZBlOkJHFa8IWGgzjw9TIA4HVUN7OLSop...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

7ms
7ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F06B
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRgepORoO012...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEBQDa0MdVZl1tR7X4TxIOmc%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRgepORoO012icsxxAyvcziJprghM...

170 B
188 B

20ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRgepORoO012icsxxAyvcziJprghM5VVyaNxxkfp-RFPVn-bjT5NjSIug6jTvTvABeZ6a13zULKWmLbZ-GkXtuvgzQKeOjlfv8rlisqBs3lxsLphMes4GNTJZzbsMdcGcDJH4x7V1s6aXj7Z8mIAkE5

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
an-x-request-uuid: 89429405-984e-4e03-a15d-ddced31403a1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRgepORoO012icsxxAyvcziJprghM5VVyaNxxkfp-RFPVn-bjT5NjSIug6jTvTvABeZ6a13zULKWmLbZ-GkXtuvgzQKeOjlfv8rlisqBs3lxsLphMes4GNTJZzbsMdcGcDJH4x7V1s6aXj7Z8mIAkE5
x-proxy-origin: 80.255.10.196; 80.255.10.196; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F06B 0
40 B 15ms
15ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JMvBzUQHCqkXOAMds8FFKHuZs1r2DsARAE8ojOQGJUXcScCZHnWJAmpcCXVy7Wx-DzbBkxflc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3CF5 113 KB
38 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 3CF5 118 KB
40 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 04:12:33 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 41BA 115 KB
14 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gkkknac84h3pnth786hnfzkn5dyszx60c5vr1vhr697tsn7zmzqp5vhewvds2f0njcwn36v72zks5616czkgt8gtq075sfwc39vzcaevycmpcv9n39888j4zrkxe2nv9yng4twvk1hsnmqa85gzdsr5yzex5p83wdfe15teykg5w85c78jdeh752wyhjfh4sm7bjk4sb95db41sajcf5g497x4vkqh4232p5e91vjwh4kmr0dbg067btkw3dnx18r1pfxjpteahk8cd110n7kc5fsazdgna8qzdbx21r51ejf8e8kejk3w8kb9j8kv7xqgyz4xkvk66bnabgnq4sjcsymzy7khch943yfk9dtv3p17heafndsccshgksnp7qwzmhacesgcdqt7kgs6619h6hbhsavm4as3mxvm2wn3haa6fzdyrz0y00z3tpvyzpqfptnyydc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gkkknac84h3pnth786hnfzkn5dyszx60c5vr1vhr697tsn7zmzqp5vhewvds2f0njcwn36v72zks5616czkgt8gtq075sfwc39vzcaevycmpcv9n39888j4zrkxe2nv9yng4twvk1hsnmqa85gzdsr5yzex5p83wdfe15teykg5w85c78jdeh752wyhjfh4sm7bjk4sb95db41sajcf5g497x4vkqh4232p5e91vjwh4kmr0dbg067btkw3dnx18r1pfxjpteahk8cd110n7kc5fsazdgna8qzdbx21r51ejf8e8kejk3w8kb9j8kv7xqgyz4xkvk66bnabgnq4sjcsymzy7khch943yfk9dtv3p17heafndsccshgksnp7qwzmhacesgcdqt7kgs6619h6hbhsavm4as3mxvm2wn3haa6fzdyrz0y00z3tpvyzpqfptnyydc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 946827
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtDg%2B39NUF8aQPSJrN95CPugWZVb7jnB7iYXrymtExF9S8KuLMKwj%2FQh2AXxDMLrOooxGCV3OleVFgisiI7of9TW6Uoly7j7WC1%2BGbd7uABWZTulWGx%2BvqlFh5C4POoF56NI%2Fszoiss%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 838e2b8d0b3b18e4-FRA
expires: Fri, 22 Dec 2023 06:46:49 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 41BA 24 KB
10 KB 37ms
19ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gkkknac84h3pnth786hnfzkn5dyszx60c5vr1vhr697tsn7zmzqp5vhewvds2f0njcwn36v72zks5616czkgt8gtq075sfwc39vzcaevycmpcv9n39888j4zrkxe2nv9yng4twvk1hsnmqa85gzdsr5yzex5p83wdfe15teykg5w85c78jdeh752wyhjfh4sm7bjk4sb95db41sajcf5g497x4vkqh4232p5e91vjwh4kmr0dbg067btkw3dnx18r1pfxjpteahk8cd110n7kc5fsazdgna8qzdbx21r51ejf8e8kejk3w8kb9j8kv7xqgyz4xkvk66bnabgnq4sjcsymzy7khch943yfk9dtv3p17heafndsccshgksnp7qwzmhacesgcdqt7kgs6619h6hbhsavm4as3mxvm2wn3haa6fzdyrz0y00z3tpvyzpqfptnyydc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18394
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZslPzhL9ibd4CyNU1MIl3e8qzDNm1h5f9gMywBz%2BzHkLNpITURasdwfX3s5RMjfamKmDu%2FgKTD3TrhNGajhiz%2BlRlRmtDiiSG5U4mYsiLArvgk28K8qlJmRlZIixsYmj1GHEzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 838e2b8d2b5518e4-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 20 Dec 2023 09:17:07 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 6DE4 2 KB
3 KB 30ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h2n06t6rzbmppjfarrgd9gkj80ncr21f48jb2t7echjvpfmreb04gmezx2ewz40kw4wrhwv6re3bbz3mm8y7yp7spsdrcp02hzsjagm3kjas80xtzj1q8b68n1crggtrqfv4t08n4yk3c53qf7j1fe1dsb99cxvt3ztpw4y15njn9sspd5e1fdgt7f6p3cc1rm68ewrd9381de8dmgzt91r57nszfd4h12573fx1ayq65ksjrs2jjpv9x55t4jxra0nrcf8fw7edffygt9dfbj7bgj9a081z5xe1t53kq5mvaym9v7cdrwx583dtc65mjz6a589pv0ta2kkezhw4g6avckrzd7hwka547zq42pyg1eah5jtkb5basqbg1t19xj5sbj32j7xa5xrg9ssdj6xrzyp95kqnc0hngrrmeabjgpm9knbagb2we447csf3x00nr2b7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208191&bpp=298&bdt=172&idt=560&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C95320868%2C95320885&oid=2&pvsid=2764356450645395&tmod=1193849312&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.31n52mj8brns&fsb=1&dtd=569

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3f01c5dc869fa2d50bcd89cd56d0a583ad9efe1ab3d4fd770b72e2f91a85be7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 838e2b8d589b1ca1-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0BE5 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 13:41:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CE75 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Thu, 21 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0BE5 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0BE5 203 KB
64 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 708A 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CGxgICtTTWD3qZHNYGH9JTe_Qnl5YxHHJvLB6riEl6rsRgA4nSu0EUYlVSEENrcoayiAEREJHKYnGJkPv2Uea6dnQjAzbCA-sSrl2wF91j-gNMHo0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 708A 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 13:41:44 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 708A 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 708A 0
0 17ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgpgxhFW6azB7ENtTw7vXV2Hrk_MROMU9_fTdV2q50QRwn70uk923BU8uO5T-i_X4ty40KPDVb0AsA0xe3GysAYNvG-w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 708A 203 KB
64 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D378 640 B
262 B 48ms
47ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_4To4gEwAQ&v=APEucNXkWoIydk2-9rL-WRkGTYyOF8QD_zPsX_vduR0TuNIIZdRa9foWUGw_BICLpxzdzLO5dWFjObcM7ZBUVxwyWyY6yI831ULoNenGoSDFviLiIFROgcHpmWaGE68n2tnvX8DSwAUSQti9UoJZnwzUCAVcbs5pvdTVy39WoXjOxiQEuNZLCqs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 708A 172 KB
60 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 708A 7 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 02:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 02:43:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 708A 23 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 20:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 20:43:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 708A 41 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 477701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 18:05:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DBD3 1 KB
643 B 10ms
9ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Thu, 21 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F8DB 0
0 51ms
43ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvRmmFaWKKpuGIqhwrIWRIcop-Vibs4MufzYQYQdnMftA_1spIHbG56foiO84AFVgIwb9zFUQy3NHkrT_u0SS50hyQsZbuLLjP2H5mRcWyW_tn1aUT7hLWG8FGWVhWYfvLPMrAZto_RF04VziJ2GT-d6ej8pZo3EnbmOjbm4pZWN0LPsjOdCt79EfRgDaU4Re8FTg2xI_qOAyVekqAiaMNz62CRIDJnI_4hg-unnCQIPN8XliKh2M6sW78E8e7rBvlHOY3t0ytxnOC890vFfx-CUcJUCqfWV8nZ8rJN9qh1EG_NKb9mkANIbV122qrUlhJswrTGmTSBt5g7ynaDtcJ25GVAF25-GpsUxonvvrQlIYSg8ejmpOi9vVow_KLsVqcmAa2PZ5P1t0iB3qLVMADV_oeBQPE5EealYjSkGKvrtqbkT9rHUS6PBFWASfihNbGlJ5MmQyQ8BraLPOIdKD2FvHAzqNHQX_G7nmEg8bqOpsRHrB_aFuBwKCtE-UeTk0AoI_fZch1C6efuiQbPjhlTbptJn4dvxaMKJtu3xGjWGMcNRSYSNJcmRxRW_3xT1OOiK5IphCVrU4EQRqLZsS8DWjlDFEYb6DPcRMWm5aZxKzP5hLJVlLUjU8MBZasLWPg0vll7nXmTQRxJIxPoZdMpw4zRdKu-Swfbc9KGK_m1sK3pfNz0E_lZ9nzRIcfGUm21CVqsBl4mBIUAPfFkP6T3dkP3D51oxDJtsBkDc9sCVtvwYQ3_QKcIm_38-GbgGzMsbcHtwYDorjy-WDY1pkerKgKzlMCf_0H-Li9WLnyilAz8C9hlj4rV50fsc97zTzRq1IrCO47uDR5WWgqpbFlnuaCFCTKCuI1HL892xQlGnYSFATzJx8f__yPLjQFjWlcSz67uPTPeYIZIq1wrA2nNRhstluxUFptGchkZPL-EJ_4ppWTHZw9UoRTbzdmACWnVj9IVd2LXh5OFlFB50Mr5AExOe6yI8Noc3oH-AB8fNb8xW_ywZskP_AIgjGvS1u-VtK4riBX7DSXSBvZ6PpBIudYZo3PYiFUtF6S7Rxm_B4Bm5T6HjsgKzSZri0UBSubTGfRc13c09FHbCvcYnnNtU14nF2Igdq19433a08mBP_EFjrWP1o0KSfTYe3ZeSWSlMQlgxW3eSbOLbWAg0QMO3bW6Oyc5vnTWPXQyc6UBlYFjy_QfgsKXWSlVeM28bHFIVqc-_TVa1TxzeRqAl8aLgQ2T6jwAbfhGZ2Th2Gmi-txAQ3y-UZlpyG9IEiwCwDwe5d9NOfts3VSJQaO9yMJhbp60_xDtEVwPK3wplqTG5C0lw1W9UzyeuAwsEqn02XL6IVK7yuoGw2dCLSe0pJko5OTj2qZ9y1RMt4I_-kRmuyyww9_6rZ9NPwpVfr9kJEWrH9LLoBgEreNkWGtYgIfF66gaYfkwKhOkNUniVghG3w&sai=AMfl-YQsEB8IEjA3lgV7TbP5uSSsFNMjD2AFc0LSPi-Aj5kn5G4ZXmHqUmEMb-7iO8bdjUuIjpsgZdQCqaBe3g02K9e7f3gBtX02TWIRiIZe_IP6Ww3q6RMH5T_9C9M7A_h2vt1ZwoEZSqS29qxMMLPhuq_uaFfaNGGUZD_mMrhbjvulyOnJOUCSn-8kjp-eKwxmhD3E8OaLRYPdi9ugh25dmC-_Oiwx_46i5wlZiJvmIIgKqWHByTFat_Kik5f4cAgysCV198E8MHTCeqc0o4UwYcaP4Ja-UnV0ek-zKwFgZPfwz2NmqDNy9ZAAyqtcmbvG0nri1Zf0XhOCeQ&sig=Cg0ArKJSzHXOJ9-4bYXdEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=206&vt=11&dtpt=145&dett=3&cstd=56&cisv=r20231207.31976&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9BD9 0
0 60ms
45ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCVqzKch5NULhUCK758h1ga2HzZCxXj9aXJ2t0XY9nyXFos2dcMVa91YGFKJrpYyJ6gqEpfbScNBGTKHqzJ4iOmH9c5HdjwdOD7xQwKz-D2j2My9Kx052YYmeyWiEbyaKBtQprLHXlW3lGe8mlqFpuS0IvcrlKU7D8OClAKswjJx9WRdVlV_wp3JbfaVc85jhm79TFyxW6N92mVw9Xl1Ff3TICatv0ZbmeT3KiryNxdq33TkGnMpF815bK1axT9BSsCMSa_fs1EUZ8416SkjpVXaWf0V15uMNg3Lbra7d9FZxXLp6StZch8a7WdG0-qM4CEXwhDGli1judXbIK4NE3qewp1bqa1EaSbevAFfQd7Anjj3mF1nBlhsWomj08xkmpdBprggID406UoF6hy2Tn&sai=AMfl-YTzEV5HCsDSZmkpMHq_YNn2nlCOZQs1wjEGBiS3e5h5QuCxAeLhPFwBZ0oL74YTxTTaq3xRRHobpcTOg7o&sig=Cg0ArKJSzAi0J5G5KC1hEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9BD9 16 KB
12 KB 72ms
57ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

504f5dc36de3bba75ea14969441333fd790f95ccbe20da3fb26c60bc52c75b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12273
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1877 0
20 B 49ms
46ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B95eEWN-DZazPJu3b5LcP3J6fcAAAAAA4AeAEAg&bg=!HR6lHlHNAAY3kmNgF5I7ADQBe5WfOA2iC3ZZZRj6aZwMSn2QC7SR1GLaQ3l0UrqzhIYwz22Z-nKjjeU5kGo8CHMYWnaaAgAAAEJSAAAAAWgBB5kDdR5L0fQ-NBp12rf5AUCc7d8epEC9SSp-q-YlLb0jgA5GmyTaES3uZkQ23UQPVonmEOzndsk6dlVwmd6W4dcZc9nu_Kz0LGvY3RN8IfjAt65omK2bAk0_fvLwLPpyUdv10g2Fmu0BzE_UYOsWR1Cx2wSF-aQoG2ymx6zb9xK81vouSb28kVjcHOY1xiqodDQgp9157Cg_EgQNgJe5rmjfBcpF9OBXKCSCQrMpft9fasz1uPCutoBkKCKDP08rYYY8Nyv4Z8qAeLXktq4C9SDXTmOc7Ss4-4nsqbyog8FUKjuCqtVeDwOVfjutEL3q1rr3VUDOTFaGRtrxJPtMGwiWz-U0mY4muFbCasWSK2jgT74cBR9uDMaxh-pnGfGjgu8eRkLgft4LaVJt17h6mldVFvH0zY7hXj6RO4-B1MDzm-FZALMZETCTkugYTrlnHY9gAZxdsoVWGTUWHKocr8fWwieUID6WkYPeXvIXh4vQ78maoFmjaUsG-IUf88iBvn7qVo2XvENXMfJv6jZx46XjplfAVuXQOjtbzAVoFDyKEYN5e6ppG8YkUd3Wv80m-GtGz_MNzUX7y2vFVHIlbavrOIb_rUjSOxeV13A7uCBFDbRSFnCZndbGOzRClXgNdTNMyilG3jK6dAobaBtMPPkUDqtcQrCsYkTs-35g_HXZZI4GMPE4HP8IOLs_oMpV6EQuiCbXoMDEcaWiywk6cF8TLF-QRLDYJOndTpPclIN6bWg3I5U_QfrizLfa8t8W480o-srxp3bjRH_1_Y1y8FEtCeeTZbvODczkaxr3BzO-EKDi6afs4RhfgAhAiwBccL3hDxmvIgtBaWXEdc2WXVhMHp2P8FMruZprqxV_szNfR_jcRsFh9gWdw67xdghOX6HBxPx8lKOtvAJ80Fg-XwDHxp7_zJalrQ8HQb8sZV67IQKlCif1Y2B-n5uAhARbIhwtgOVHC7X9jF1HDJCAiWxEYCLNhgBcFX287rgKepdXgW9wpeNiXiMfVQGzBVWjJmkxKfij66jj5lNIDzKAObVHP5IX9nzxNuRsE-ktFInLw6YgzkFMKMnhb9bhGllRbmwltwRj4NcGzB0pIIc9cwJBEK8D_qRlO4gfpJK5a9WPm0q64vBJ8PJpEJWvZKdQpObrYO_oeP6CB9ci6ZmIBjwuTfz_6gTljQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 6DE4 115 KB
14 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h2n06t6rzbmppjfarrgd9gkj80ncr21f48jb2t7echjvpfmreb04gmezx2ewz40kw4wrhwv6re3bbz3mm8y7yp7spsdrcp02hzsjagm3kjas80xtzj1q8b68n1crggtrqfv4t08n4yk3c53qf7j1fe1dsb99cxvt3ztpw4y15njn9sspd5e1fdgt7f6p3cc1rm68ewrd9381de8dmgzt91r57nszfd4h12573fx1ayq65ksjrs2jjpv9x55t4jxra0nrcf8fw7edffygt9dfbj7bgj9a081z5xe1t53kq5mvaym9v7cdrwx583dtc65mjz6a589pv0ta2kkezhw4g6avckrzd7hwka547zq42pyg1eah5jtkb5basqbg1t19xj5sbj32j7xa5xrg9ssdj6xrzyp95kqnc0hngrrmeabjgpm9knbagb2we447csf3x00nr2b7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h2n06t6rzbmppjfarrgd9gkj80ncr21f48jb2t7echjvpfmreb04gmezx2ewz40kw4wrhwv6re3bbz3mm8y7yp7spsdrcp02hzsjagm3kjas80xtzj1q8b68n1crggtrqfv4t08n4yk3c53qf7j1fe1dsb99cxvt3ztpw4y15njn9sspd5e1fdgt7f6p3cc1rm68ewrd9381de8dmgzt91r57nszfd4h12573fx1ayq65ksjrs2jjpv9x55t4jxra0nrcf8fw7edffygt9dfbj7bgj9a081z5xe1t53kq5mvaym9v7cdrwx583dtc65mjz6a589pv0ta2kkezhw4g6avckrzd7hwka547zq42pyg1eah5jtkb5basqbg1t19xj5sbj32j7xa5xrg9ssdj6xrzyp95kqnc0hngrrmeabjgpm9knbagb2we447csf3x00nr2b7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 706934
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P60wDXoPX6A%2FFU0glBQHWlrXpU0GfTlusc3rNepeIM8KvEMRYibng6UCmBhl0OdTimSQoANzexpyNRhQThWT0sLnh5algJJl2SL7bOxgaSOo%2FriQgjZR5H6gqJenXeoZtX2hCNmvd0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 838e2b8d98ce1ca1-FRA
expires: Fri, 22 Dec 2023 06:46:49 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 6DE4 24 KB
10 KB 20ms
19ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h2n06t6rzbmppjfarrgd9gkj80ncr21f48jb2t7echjvpfmreb04gmezx2ewz40kw4wrhwv6re3bbz3mm8y7yp7spsdrcp02hzsjagm3kjas80xtzj1q8b68n1crggtrqfv4t08n4yk3c53qf7j1fe1dsb99cxvt3ztpw4y15njn9sspd5e1fdgt7f6p3cc1rm68ewrd9381de8dmgzt91r57nszfd4h12573fx1ayq65ksjrs2jjpv9x55t4jxra0nrcf8fw7edffygt9dfbj7bgj9a081z5xe1t53kq5mvaym9v7cdrwx583dtc65mjz6a589pv0ta2kkezhw4g6avckrzd7hwka547zq42pyg1eah5jtkb5basqbg1t19xj5sbj32j7xa5xrg9ssdj6xrzyp95kqnc0hngrrmeabjgpm9knbagb2we447csf3x00nr2b7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77519
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkMHbnueN3S2X7Kg8JtD6zhNx22S55w6xqzz74jHXq3Tw2Wq%2FHqCiPPB2ncNvW8akW2CxSy%2BuDK6ejql1%2BsLaBJzduO1Kn2xw9Lg3OU%2F%2FsB9vX0lfBcX2wLGdJdSfGP9mFG4WMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 838e2b8d98d01ca1-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C7A7 0
19 B 57ms
56ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkTusWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGwwG6_GzbjHeDAgrIyLL6il0v4509_ALYuU-__hiBDogG6XgNYsiPgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MDgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=ZCZXg54C0EY&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_3noDassnS6VFWsGFskkmoMQWtJFhQGaGWf8YEwoVuMrQbDKiGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208196&bpp=268&bdt=177&idt=428&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44807406%2C95320868%2C95320884&oid=2&pvsid=3211755927192484&tmod=1766228811&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uotmlotl2te&fsb=1&dtd=436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame C7A7 0
103 B 57ms
17ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kmkdnb3evkjdwf44ac4dxhby8z6rsz6sqgn5z5fz2960a4xm6kh74hpvaemf990ep2q2qmkajmj608r535kfk0e4pswtcmhj563v96xb25jgrjt3nbvhekzg386xvmnt0vxy60k58fjbvserp3gh4mz8sefdb1887rs1w91kv3hh0sfcw2f6s88f7wmewcb93vzh9j5nhwdmksmyj8q54eyn0pvv49s2yf5e2t0w61s6fcbhc4k7ej1f5119njsyb2z5jtnq1yyh3k7z5tm0jdgx1wvpesny242nwxfg2sq9he1vsxekcss9apty7kwshwqd81mmee06hct2s35jbqrcxr0n5gdmx94y9pxjr1pgg9xvz4pktg6avjw0qwyvaa3nw6qwjkpfm0&b=ZYPfWAAK8iMA-RZhAApBxqoKSrbjB5InvgJ4rw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208196&bpp=268&bdt=177&idt=428&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C44807406%2C95320868%2C95320884&oid=2&pvsid=3211755927192484&tmod=1766228811&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uotmlotl2te&fsb=1&dtd=436
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Dec 2023 06:46:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CE75
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGRqJ0T4Ew9ijlzcDY9tlic&google_cver=1&google_push=AXcoOmR3cUSZsW7G512YqoenxI4CWZOEBMSq3yuRcCSTuX93_RNE-jdug3kRM71pw2fonQGCZwbjA8AY9Uo0_mWqwQHFbwYtLrPI1...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjg4Mzg3NzYwOTYwMzk5ODU0Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRqJ0T4Ew9ijlzcDY9tlic&google_cver=1

43 B
398 B

51ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRqJ0T4Ew9ijlzcDY9tlic&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 21 Dec 2023 06:46:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGRqJ0T4Ew9ijlzcDY9tlic&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame CE75 35 B
464 B 28ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOICf8IuEAKHugW2MXTieiw&google_cver=1&google_push=AXcoOmSrssUOAcWwE7DIzIkzjwYV9bbNOFTpPstqSTQrMCk0MBysfp0OmCSWzkx3jJBqBXFypdtOGPfSr0pJVLup3ziXaPHNAdT6D8GTwrc9M0kp33ivI42yQNjHd0oziECKermcV_Zp-twXvWjl83EJJvvJ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame CE75 0
104 B 135ms
65ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHZVfPbLjo4c6znKV13p6R0&google_cver=1&google_push=AXcoOmSvnp5RBq2dqDeQ_U11QC7sEQGMBXdX2P2goela3DuPEXHkoDHopXwk0qTl0EblDw6Pf4Yj8J69W9CTmUFZhIjW8sh9vwOcam9ODRkLHiTkkhpOSJuZ2R8Ur-vTyjBXU4wMTbC7OrFsI8rdZI62FaUW
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208191&bpp=298&bdt=172&idt=560&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C95320868%2C95320885&oid=2&pvsid=2764356450645395&tmod=1193849312&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.31n52mj8brns&fsb=1&dtd=569
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE75
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEL-a6B2dOoVs27JoLfr_vdc&google_cver=1&google_push=AXcoOmRukIuVl9lsy_0r9ta1BS2-k79hVXyNw-xQ3LsdQIj261Jv3rq1hsCTfIV1fHy3c5x9ETqFPUGa...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEL-a6B2dOoVs27JoLfr_vdc&google_cver=1&google_push=AXcoOmRukIuVl9lsy_0r9ta1BS2-k79hVXyNw-xQ3LsdQIj261Jv3rq1hsCTfIV1fHy3c5x9ETq...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU3NDUzMDg1NjMzNjE1Nzc1MA&google_push=AXcoOmRukIuVl9lsy_0r9ta1BS2-k79hVXyNw-xQ3LsdQIj261Jv3rq1hsCTfIV1fHy3c5x9ETqFPU...

170 B
188 B

20ms
20ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU3NDUzMDg1NjMzNjE1Nzc1MA&google_push=AXcoOmRukIuVl9lsy_0r9ta1BS2-k79hVXyNw-xQ3LsdQIj261Jv3rq1hsCTfIV1fHy3c5x9ETqFPUGaQmskeLpTps0lQ9q-NW4WNSoqdSSdqUjmGKivDZLHeWDs48njUYQT-KSwb8xev28uIfsWu3i6BK1p

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU3NDUzMDg1NjMzNjE1Nzc1MA&google_push=AXcoOmRukIuVl9lsy_0r9ta1BS2-k79hVXyNw-xQ3LsdQIj261Jv3rq1hsCTfIV1fHy3c5x9ETqFPUGaQmskeLpTps0lQ9q-NW4WNSoqdSSdqUjmGKivDZLHeWDs48njUYQT-KSwb8xev28uIfsWu3i6BK1p
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE75
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRAFuMxjbZpD6egSyszxVW3Kt0Yxouxp...

170 B
188 B

21ms
20ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRAFuMxjbZpD6egSyszxVW3Kt0YxouxpvALkUEzow5iJXOHTphsi3i8hsDnjblfAXn77CeyPGRYDnRZYACnt7fTxnHIU7P5K0fojmYr15aAEhq3qaDl7LxRsKDPugCUDDgtoaal6GwmeofeslVJzLWK

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BE9mENWAXQdSahsUUTgdOWbfPClQuq9NkgAvzYy%2BwkJ5HnHNKQzYiASOlT4q9WH2IIBttML52VHN2ZJjrcwbIcGAZ58lrNmAWz%2FrE7sOp%2FUkNb4E5WksTUu8epBYViSz8P9Y6Xoy9T2d7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRAFuMxjbZpD6egSyszxVW3Kt0YxouxpvALkUEzow5iJXOHTphsi3i8hsDnjblfAXn77CeyPGRYDnRZYACnt7fTxnHIU7P5K0fojmYr15aAEhq3qaDl7LxRsKDPugCUDDgtoaal6GwmeofeslVJzLWK
cache-control: no-cache
cf-ray: 838e2b8dab0530e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame CE75 0
45 B 61ms
17ms Image
text/plain 178.32.210.230
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOPDFDyisuH5AUazNyvlvVU&google_cver=1&google_push=AXcoOmQrR_FKhEAOHhCbSXS9lc8TnzKTvo7vfXW_4fb7OekJ22K641lSU56Y7XakkAlQGik7vvrSzAUF1sgnKPgoV_DJJAjfVY0-WQMX1sNSIDzA5z2y5SNpq675CyoSG-8tHxWs09CnjTNjlRYQjehqQnNl
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208191&bpp=298&bdt=172&idt=560&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C95320868%2C95320885&oid=2&pvsid=2764356450645395&tmod=1193849312&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.31n52mj8brns&fsb=1&dtd=569
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.230 Ivry-sur-Seine, France, ASN16276 (OVH, FR),
Reverse DNS: ip230.ip-178-32-210.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:48 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE75
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRy6K9iCr9q4...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRy6K9iCr9q41ptIGljwgVDJZfKil...

170 B
188 B

17ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRy6K9iCr9q41ptIGljwgVDJZfKilLu9qMXooLVmP5Ytp7fPzeQa5hmdN_hVLcOOrzLFsehmIoKnJQdmrYYWYPYrtGsjUJRz-zN74Avj_v_YlCcsm6ha2H0QDYYXJy06NVC1Rw9wxtfL0PCUQZENSpQeA

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
an-x-request-uuid: 8baa28a2-48ac-4c08-bff0-0a017035b2ca
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTExMDY4NDA1NzcxMDg0NTk0Mw%3D%3D&google_gid=CAESEBQDa0MdVZl1tR7X4TxIOmc&google_cver=1&google_push=AXcoOmRy6K9iCr9q41ptIGljwgVDJZfKilLu9qMXooLVmP5Ytp7fPzeQa5hmdN_hVLcOOrzLFsehmIoKnJQdmrYYWYPYrtGsjUJRz-zN74Avj_v_YlCcsm6ha2H0QDYYXJy06NVC1Rw9wxtfL0PCUQZENSpQeA
x-proxy-origin: 80.255.10.196; 80.255.10.196; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CE75 0
12 B 16ms
16ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJiCnlf-YPvC7Bf9klR2sOzB4YNafpPdC9eHr2YkWqJkWXHWEdmtVXhBD70PRcjfpzSkBNjw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 3950 2 KB
1 KB 17ms
17ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 270995
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 838e2b8dc8f41ca1-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejVyoaf%2FZ%2Bdpaq1vZRsnDSkx9IjDIkxVlzJXKrlBO9gQnzTZcax6TbY1bFDSsXEYTKdTUf5lv0WPQhJtVhiIiNuXpRHpTAtF9iRNQQzAomNzeDp0GKbWo6Qp6wimVkZIIDu1EYY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D378
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPywhh-aYjmeTCeqmwOfgJE&google_cver=1

43 B
264 B

16ms
16ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPywhh-aYjmeTCeqmwOfgJE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_4To4gEwAQ&v=APEucNXkWoIydk2-9rL-WRkGTYyOF8QD_zPsX_vduR0TuNIIZdRa9foWUGw_BICLpxzdzLO5dWFjObcM7ZBUVxwyWyY6yI831ULoNenGoSDFviLiIFROgcHpmWaGE68n2tnvX8DSwAUSQti9UoJZnwzUCAVcbs5pvdTVy39WoXjOxiQEuNZLCqs
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPywhh-aYjmeTCeqmwOfgJE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame D378 43 B
136 B 45ms
19ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_4To4gEwAQ&v=APEucNXkWoIydk2-9rL-WRkGTYyOF8QD_zPsX_vduR0TuNIIZdRa9foWUGw_BICLpxzdzLO5dWFjObcM7ZBUVxwyWyY6yI831ULoNenGoSDFviLiIFROgcHpmWaGE68n2tnvX8DSwAUSQti9UoJZnwzUCAVcbs5pvdTVy39WoXjOxiQEuNZLCqs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame D378
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOxFtatrLacey-8WDbunsd4&google_cver=1

23 B
163 B

60ms
38ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOxFtatrLacey-8WDbunsd4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_4To4gEwAQ&v=APEucNXkWoIydk2-9rL-WRkGTYyOF8QD_zPsX_vduR0TuNIIZdRa9foWUGw_BICLpxzdzLO5dWFjObcM7ZBUVxwyWyY6yI831ULoNenGoSDFviLiIFROgcHpmWaGE68n2tnvX8DSwAUSQti9UoJZnwzUCAVcbs5pvdTVy39WoXjOxiQEuNZLCqs
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 21 Dec 2023 06:46:49 GMT
pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEOxFtatrLacey-8WDbunsd4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame D378 23 B
163 B 76ms
34ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY_4To4gEwAQ&v=APEucNXkWoIydk2-9rL-WRkGTYyOF8QD_zPsX_vduR0TuNIIZdRa9foWUGw_BICLpxzdzLO5dWFjObcM7ZBUVxwyWyY6yI831ULoNenGoSDFviLiIFROgcHpmWaGE68n2tnvX8DSwAUSQti9UoJZnwzUCAVcbs5pvdTVy39WoXjOxiQEuNZLCqs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 21 Dec 2023 06:46:49 GMT
pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 3CF5 3 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:51:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3CF5 8 KB
6 KB 50ms
50ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4292a19f65f9b0b138441b47765ce31079492df29bff370a588027566628d8e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5985
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 708A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55d388aa85d66b258516ed0f6a496408da452ec3ad9af691b42707df480af8d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBD3
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEM_h5SOFG2WO6KZFqnKGVe8&google_cver=1&google_push=AXcoOmTkI1nnwDhIrmiCb5SfltkKDRgET18e8xQ0NHk3jJPARKJnZ4YPelvBucN7cbhVKUM-i6dXMrcqg8FA2HHG...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A4DkflFISVw7f9fUTww-Xw&google_push=AXcoOmTkI1nnwDhIrmiCb5SfltkKDRgET18e8xQ0NHk3jJPARKJnZ4YPelvBucN7cbhVKUM-i6dXMrcqg8FA2HHGH-anECr4PBu-WRu...

170 B
188 B

16ms
16ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A4DkflFISVw7f9fUTww-Xw&google_push=AXcoOmTkI1nnwDhIrmiCb5SfltkKDRgET18e8xQ0NHk3jJPARKJnZ4YPelvBucN7cbhVKUM-i6dXMrcqg8FA2HHGH-anECr4PBu-WRu5KE7cdDdd4FDaVcLkglSnZtkQj-sVdSe_RQDG_uPP0MPhKNl0sHeI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 21 Dec 2023 06:46:49 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=A4DkflFISVw7f9fUTww-Xw&google_push=AXcoOmTkI1nnwDhIrmiCb5SfltkKDRgET18e8xQ0NHk3jJPARKJnZ4YPelvBucN7cbhVKUM-i6dXMrcqg8FA2HHGH-anECr4PBu-WRu5KE7cdDdd4FDaVcLkglSnZtkQj-sVdSe_RQDG_uPP0MPhKNl0sHeI
x-host: tde-deliveryengine-production-784bc7b8df-hwwq9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame DBD3 43 B
145 B 9ms
7ms Image
image/gif 35.156.190.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJFBTlp8pQZrCRNJNhYyGQM&google_cver=1&google_push=AXcoOmSDwc_pnZCI2i8d9g1ALdWU9OA2a2aa8a_ZiKKTBXwCII1JRoQPk9_qzCxtD3hm3a6ruCTujq3RLXy5cuxtxVgwmwmVVaOoQHd5WfLbbfk_RzJdHIlnH0eXMFYz8IoXCjjcDKL45IHR3qQp7r6ztfCY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame DBD3 0
166 B 56ms
18ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKK01TzmSw9c-T2Om-k4zY0&google_cver=1&google_push=AXcoOmRr45qRBqH8aDskCM3AvVVH7ZttTydgjWq9sI2p2EsCji95lsJMOveSAb2xquDoMHS0mlpDMdeK-IiDOmF7XusyNjX56IHnLPY0dU0pLX4Ekww-dolgkmNh4k1EMB8MaVW7qytDi_1YoZTrbRgH1xnW
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 21 Dec 2023 06:46:49 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBD3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRSU3SgiolP651TD4Uqm8jc-3cXqqm_3...

170 B
188 B

16ms
16ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRSU3SgiolP651TD4Uqm8jc-3cXqqm_3lGGDQTq1RYGn2nkRtcVS5qA8jsw7dC2ihwTQ9rV4Ih4wTqEykVRQSJo760oMdD2f9p_I7EA8NJ2tzNos8yfoZOlsiBDTAxk-vahYIdrhmEQG3QAOX7pDq0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tK09KUR3U7MiqQk7KBKn3%2FG8WFSY%2BG%2FI34DR989XIImdHfufN2mFVIks2EbcWRjVSQO04VnejMh0fDkYQzFg2XHJZ%2B27AHSbnUozjHJIkHqzpi5UoAN18i%2BMawW%2BoJpB5WrLcUS6GA3wFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmRSU3SgiolP651TD4Uqm8jc-3cXqqm_3lGGDQTq1RYGn2nkRtcVS5qA8jsw7dC2ihwTQ9rV4Ih4wTqEykVRQSJo760oMdD2f9p_I7EA8NJ2tzNos8yfoZOlsiBDTAxk-vahYIdrhmEQG3QAOX7pDq0
cache-control: no-cache
cf-ray: 838e2b8e1b6430e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DBD3
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPo2eh7qZWvBvLsaz2R6HC4&google_cver=1&google_push=AXcoOmQ4ZsAhoRuvburENV_np1COcwLE0lAm7S88XTtO3mcrjeUYrmKujIueVMsit7CYWo51c6tyjuEX1x9lLMkgt...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPo2eh7qZWvBvLsaz2R6HC4&google_cver=1&google_push=AXcoOmQ4ZsAhoRuvburENV_np1COcwLE0lAm7S88XTtO3mcrjeUYrmKujIueVMsit7CYWo51c6tyjuEX1x9lLMkgt...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ4ZsAhoRuvburENV_np1COcwLE0lAm7S88XTtO3mcrjeUYrmKujIueVMsit7CYWo51c6tyjuEX1x9lLMkgtGgggiFUHmIhSpHKC0M1-JcfjthkeNXw5_Ua4bWqUj5ST...

170 B
188 B

18ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ4ZsAhoRuvburENV_np1COcwLE0lAm7S88XTtO3mcrjeUYrmKujIueVMsit7CYWo51c6tyjuEX1x9lLMkgtGgggiFUHmIhSpHKC0M1-JcfjthkeNXw5_Ua4bWqUj5STZTsS10c0au7hk8MX6jsACIW&google_hm=H21WpGZHRJwVYKItSQOQ-hZK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 21 Dec 2023 06:46:49 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ4ZsAhoRuvburENV_np1COcwLE0lAm7S88XTtO3mcrjeUYrmKujIueVMsit7CYWo51c6tyjuEX1x9lLMkgtGgggiFUHmIhSpHKC0M1-JcfjthkeNXw5_Ua4bWqUj5STZTsS10c0au7hk8MX6jsACIW&google_hm=H21WpGZHRJwVYKItSQOQ-hZK
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame DBD3 0
233 B 25ms
24ms Image
text/plain 2600:9000:2453:ae00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELIIXVp99qI8FQFMNy-w9wg&google_cver=1&google_push=AXcoOmT74sgWYKSXJumf3lchD2gQzB_R72LkV3NpkmOMSmxCsL3QZqp4WNCsQAtv7zUWwZsXu8dnlPVLFkn7C4nRl92jKJdipA_UDmZm1WtgwqXbuZRRmTuAwsrXPXZ9LyA4h4D-BKltuYoDyque9B9YJg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2453:ae00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: no-cache, must-revalidate
via: 1.1 71b26382155ee54bc1b92cacc095ce82.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: HAM50-P1
x-amz-cf-id: vFK0lC8sWwZ-dRPE9-OViS9L4iQ4CRuMB21AoxPP2_g48L07e2Jn9w==
x-cache: Hit from cloudfront

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame DBD3 43 B
145 B 9ms
8ms Image
image/gif 35.156.190.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHwiWbGF-iQ2JbNm1E9KdGE&google_cver=1&google_push=AXcoOmT9IkwPZJBQbianuWHM5H_ILPBaSkV-9wqFjp7g6CfwikO6qalKzcVlPvIgISgYKDWQ75wuiHdfxCYy2f4rjAQHBx4lC-AkbPjggQQwrlYRWYUj0MtfWr7S4lJuRi-h9NxbJBFb3iNVwAK4fkIjTLYvOg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DBD3 0
12 B 15ms
14ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IUzZKahWyzgQ_6XjRcWpTrzUiFe-ZsecnR_78yoJgBW7CcCPX9rX-ujTqqNwsn7f89foPW3w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208194&bpp=283&bdt=174&idt=501&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=4077711389&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C44807405%2C95320885&oid=2&pvsid=4409605273235972&tmod=496843437&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ide632qfehe&fsb=1&dtd=509

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2FEA 38 KB
13 KB 10ms
10ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 164002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15415463092317913147/ Frame 92B8 1 KB
768 B 16ms
16ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: Fri, 20 Dec 2024 06:46:49 GMT
last-modified: Thu, 27 Apr 2023 13:50:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 708A 0
0 53ms
52ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvwMWA6dOveLYgvcdYIdda2uote0O5g8y5d-0n3wAl0JTvQMHFQGqGGJ_EWibLaXA8nenZQNzCOIpGKHK5fjHgz4GdTM7oAIZSaTCYOQ2nkHNDyzCNE4vtT0RzWVyY88cByt-7FGkwR2T1yhPmoWrFTnH9YM7uUGVwWMvLsYD0jZ3pxNMetcWrO7ZoDpzaqvIKxy4PEHvoWVEE5LZ5tBD5Wk1v4o9raOruKer-oeDwLXOdO0KUEkM16CZnwzWV2PLSj-gP5lt8Gs9S4h6ZThl8YFNPNe5Dfk7yeABmiY8FHP3mH8t6pYnJJi5XkGsQ-vRlgROEYkRcvcEXFHxZTuqw8zGXI8sVleYehiogt8kJVlqq4hHCWmKVDmlPp9uAfIyjeMFmwbVwQYRaxYM3TxwWVWLfxWm3s_hGGEYayGgQrL4VwYrDkYfyuf_fD8JH0EOg88dxLHPgQ8u_C2erQlX34elq9ezpOhFHdKAy7c-FNqo5rmzOCwa3P81RygnkPERj241UOl6hErAdOjzOnAt4RjBJFmW-4U_G_zY5eRCF88ZBKSBYEW_0-VyAPRQJHFktDGjtGJfTBUMsMjrtJROVn5Bfdig9jehNC2yh-WVLYE54OYOtddr8gVIzuKko3Y8Gws2HWz7FkTe13_rLbHX4EAPDchkKM58qYhMiynuPS3ylU4uxvChRmZNmOdNIlTrorRe_4vhVBnin2Zo0FADEuqnzY9U7tVzK33fStvlc9eyb4CSqU_UCoK_5t4qK2FVKCaUpatvA34iE-wpXxj9s63Av57n7LAPCsnDZT-3Xt_3uxnF7H3k6oD0yv-eued0YODgTSDPHYfNTsca4j9_yO3f_IIuu4SizNwhACFGJTEQQWRXqIqiDNSDznGGgGTHvCvES8a9JBj7lPIaIfC3QHh3b5UV-BboC-LnFpnwlg2i5fxOLKgZyP2aDarCt1kAKw8-vKmzAQ1Et9-bvMQXedN9cwNRzH0jNL20LtvDvxFaJop6lLMFdLG6DBHEwEANp61EY8uQ59veDG-xFw3eRSLrhEpcgUBydSrID-tkHPDR5o0NxLNt9xVnqjWIN23Io-WfJDIukhJZ78vFcbg_VkRw_j92_vuy1sQA5BPuzjEPfHU1y5Fpyy6Ez0We2mRqJqBWhLR4cvcclVkA2Qdg-k6h3cg7eGecjVCUq3yyh93hDKIMeOgOrKGWm-Q9FbGH7G1WhbKB7pYpySPfgeiiJ85mPEd4kZj8HEDMTSsD4pxZ1MJ7T5-8W0LR8xrym4oUZJwEmSDnPoVJTK4WkQMzvNFggWOiy5vmweT0iaEsO1pIlrYEdoLeDfJV5usNG7L2Q7g8OLZqXPEFa0UlvFi_eIt2If7x3YKi8beIG4A_LAnYUKkkZKIxaRLlsqaFFJdnyGBG9MWEPCofTE8SNOluvSeziP85zeBg&sai=AMfl-YTgakZW67SOZBiNYCoBkwfs1qHfSmTWGyDPFzhR87OZ4-nZt3Stkasu1NtBFrFu_iXAJ3hk8PrNMFFqQGhtSfOOeEnhwHoePswKGlE82PweTgB6yRJ0SOgSA9oom1IVdb1TpwcJwCCXWjYLoVhVrbeyUBPkLnZlEuN7-EoRAnAIK6sAxPauYFKFVuykgIX5xx4oEihEWNRvk-XVNBeviz-lXff67unZFUBEathub5k1HKGnGXBnvPvPF4chCtdLI-5Le_40xkvsSd8j-u1rs-2ijVwW6APvtee7JLGztT_PB_NdENAkqvX0xBDRgBwnUPkes52DrUnH6w&sig=Cg0ArKJSzIY4sTaME-Y3EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=100&cbvp=1&cstd=96&cisv=r20231207.90184&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 708A 43 B
1 KB 53ms
17ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=361577814&gdpr_consent=&gdpr=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 21 Dec 2023 06:46:48 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Do, 21 Dez 2023 06:46:49 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9BD9 17 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3CF5 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0BE5 0
19 B 50ms
50ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChVXXWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoEzQFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzzpMQ7I1xF4q-eVlVa6j4N1BGU9BlKRdMZFuQDM4mm7PivtmuoLHqgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=PeSRmYXy0_E&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_bX_xLYDFSZaQppUPUODfbL-IOUObdwc7At--qoEOHF-2y4iPGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208191&bpp=298&bdt=172&idt=560&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C95320868%2C95320885&oid=2&pvsid=2764356450645395&tmod=1193849312&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.31n52mj8brns&fsb=1&dtd=569
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 0BE5 0
39 B 18ms
17ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k0savzdjevfmy2r2wcsf7ezakaas4sa3b5famj25pkn3pgry83vh7t4bvvg5wg19d2jm9c6tm8tksqe1h0m2hkxmbq1d37n5tex79bbxw586f9nr5yb17ttx2nv8zya198hwwxfhymf8k0ay0v6wdptk9fancv1kb4jegcwbwechd9t2t3kn5aa34pnc8q8ztx205kf9t6cbm1s1b17pysd4hjwe8gvhzqsdbzyc8he0at5er9533xr0j3dvjmhxr36tdt0df1mmdtjmpww46zmbs2j8h74qjsww1gv5d5d81tp8sy26rervfg3fmkx9fbpwd2hyx6429m8qhnf14fmdm8k14mv7d70j3bp7p1js0drgjk957vpd6jg0w5ez5adsq6k8g7q6a8&b=ZYPfWAAM4hMA-SNEAAsS8xhm-5nIo5qEEBjTVA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=3173046730&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208191&bpp=298&bdt=172&idt=560&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3665888830&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31080103%2C95320868%2C95320885&oid=2&pvsid=2764356450645395&tmod=1193849312&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.31n52mj8brns&fsb=1&dtd=569
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Dec 2023 06:46:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 92B8 113 KB
38 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 92B8 118 KB
40 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 04:12:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ADBA 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAml7iuUFelu15qnfAjzo_bRdRcZLwNIqzV5RJl0UV3CWiIH5Riidr9WxKMOWO52GF8eE_Z9XzYiVmQJE1y72IrYSPWRGAYU5hh6Vkfsa4ihyGArwwhbvySgo-99ivlziBUDMf9o1rIC90KWNvZXxF97TW01JrcjzCX0rpd-r5N5zUW1Ctyq0iWoh0_gz-_frtW35yodykNAxGgcpX_0rModBPIL4j-y27V1XpiYUu6lSKQ-cal1AnO5_msG4dgULwlvBY-9ltWManoCRaeO7VXHKW96Xig68lrbhaEGmPvaAuB9V5_nPF2sJv8oQQeEBTqT7f-XYCllGPUbH45tvl2TF5UOEpkSuLszhdT-c2KBOxnXDVNPDpJ7L3c1nrBT4XpotrJsmP0LfqPlerYSM&sai=AMfl-YR2DOmgX0GdJ4qsjnWTh8WCwq8BJJyHmF3EFlqJxDlHpQkVPRu7_ZyrQwEGV2SLWdQ5nG9a-L-gwC0LZto&sig=Cg0ArKJSzLlQFrlYTjTmEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ADBA 16 KB
12 KB 54ms
54ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

713e8d4375e4b41575b7e5f3b5ac9efab58258b34e77091247fee7da189c1ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12194
x-xss-protection: 0

GET
H3 200 728x90_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 3CF5 80 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e44e8a9cf91c3d915be31bc1d006e1df1cd438c981b592f966c059739694ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19263
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 14:40:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 07:01:43 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 78B8 2 KB
1 KB 21ms
20ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 270995
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 838e2b8e594d1ca1-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FTdGi44orMFniYxeJXOja4pD4bWed0awtyzTqdXbmgo8BrvMIuhOPcI%2FwdkwBechqyjZkH5n%2BRUKNu1boVaWC4aM7Cw9aqTX9dddjJTz0UU3rawUERp%2BfNW6EYqrTa9ZFx8gCo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FEA 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
33ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 838e2b8e7c234d7a-FRA
content-length: 24
content-type: text/plain
date: Thu, 21 Dec 2023 06:46:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIbdQOA%2Br5R44s1DvpRDaMdG1IXIvluNz8cXtqaKFSRYnY%2FAAlJIq8SKTUevVWJF6ueDuEGWlMgFMVysStJRP2zKy9Xfr1cfq3NFoJyGa346q9jVr0uiD08pvvizf5Ps6uqCz6s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-zz7l

POST
H3 200 rs Show response
ad4m.at/ Frame 41BA 2 KB
2 KB 31ms
31ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83d520f8993b0bad11f50123f21084783cfb2da00ee872b42bd475f91291087c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKYBgxbyR8digTXjqOJ9fnvyabp%2FVQ1QMG2O3LD5tkaZ2mMXa%2BdemlDh4LdepXzIMmkaCSbbG19wgYogJWp0kokrZOBXVkLGaYHec7pVaGjj%2FzsJyr1w0GeexeEwRl%2BS%2Bm2%2FQQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 838e2b8eac5a4d7a-FRA
x-backend-server: aa-reachservice-group-europe-west1-zz7l
alt-svc: h3=":443"; ma=86400

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 3CF5 6 KB
2 KB 8ms
8ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 11:06:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:51:09 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 3CF5 5 KB
2 KB 13ms
13ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:57:04 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 3CF5 2 KB
1 KB 10ms
10ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:58:13 GMT

GET
H3 200 NH_D_NA_New-York-Best-Age_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 3CF5 53 KB
53 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_NA_New-York-Best-Age_728x90.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5de7bf572ade3048f8668bd24935731e84aae70020bef8a6e223e95ae3e3ec96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:45:11 GMT
x-content-type-options: nosniff
age: 98
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54542
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:16:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 07:00:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E223 13 KB
5 KB 11ms
7ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 19:18:13 GMT
expires: Thu, 19 Dec 2024 19:18:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9077 829 B
561 B 20ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d8be15ab8b5dc320b0b20139ff9c8c7bc03c81c4932162add14acaccc9409e3e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4QYcPNoWHhLHZE6uP1VkQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4QYcPNoWHhLHZE6uP1VkQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: Thu, 21 Dec 2023 06:46:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 3CF5 50 KB
50 KB 11ms
8ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=AchYfa73sJ&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:32:08 GMT
x-content-type-options: nosniff
age: 881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:47:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B876 0
0 44ms
43ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQADhVQFZRMDN3wqz4iQ8N0sjM3WbKNv6ZCcOkaNRGxMXg5TY_urSDTnXxBHsItHx-ZaO0U-lOdfcdTN_lyuJrdHBNDmu8opl-hTlYaDCVFmlXPaDcxSOpHIfnwJzlWpYoXtTPZNNNYV1VAN_LG3c3NrcIbivcuNnNU0xErufmwnGrJCgtxiMGW9DBNEC3KtrNr-0Q85nrFazcpnSIC7sAM6Q1V94qWepPqUiUtZmTi9eTeSX2oaq2B_arIqxQ6lcdJ0Yzvc5NCe5bpJzWEmJ4odbVPbf4gdXXUEUzIEcq0eADBKxjim0NrbAvWWScxUauiM7wu-2kxejq-rq6FIXuhgtQgTV9iPqA98uGxuCstsPyKmyKahtR9s7ADN7RHfkJC9L0A70RAVWvT8AZzPA&sai=AMfl-YTuTiPu_9LxeeRY9ke5nnR3-Ni9UY7b1OnipP7tqoEcAPPqZYnDQoZC-1LtMZpzewWliVcfxj8FVG9K1Wc&sig=Cg0ArKJSzIzQCYdbA4soEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B876 16 KB
12 KB 55ms
55ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f2fc38627219c74a3bc13ec4a9cfd6b07517ce347434cda64d7ae142aa85768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12102
x-xss-protection: 0

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 5023 2 KB
3 KB 30ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hmdhs9f53dpzrd6yd31nkbagxg8tx6q5adyn6z488vwyxsmn3bs35d31aret2mfxghkn40714tc0dqcqwyse0x3rrdvrwc4dy4raww32skgze6pcbzp6hmy9axq4dprzft2ns4wa0dhkwwvne25p5bg2b0qxqqryk2r14xm68amvs1cs1152pz5pdy583xgc402x2fhp23y2awpmm602q14zx1b48yddpf677xzdw3rghf66j6m01f4wxpd9jf0m439qyx4wn19v21737zajyr8tmph44ekrnrhhn1vhk917cpee2br338rg6h89aq87rcse41mezsmzjj4d1n4enp69ejhkmdryhtvyb4netzxprxdjj7p8nt2fxbg3z1qnmkdg31g16f44ydcyxyecyrr7crx5sn6sqjce6kft7mn6tbnc754pzfwnqjb8r5cek7xcvkcxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5eeecac9281d5b283f2f7a89636fa7caf5b78a0ca5fe7c3e00df80e7f867340

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 838e2b8ec9971ca1-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 06E3 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 13:41:44 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F364 1 KB
643 B 9ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Thu, 21 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 06E3 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06E3 203 KB
64 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ADBA 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 708A 0
0 46ms
45ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvwMWA6dOveLYgvcdYIdda2uote0O5g8y5d-0n3wAl0JTvQMHFQGqGGJ_EWibLaXA8nenZQNzCOIpGKHK5fjHgz4GdTM7oAIZSaTCYOQ2nkHNDyzCNE4vtT0RzWVyY88cByt-7FGkwR2T1yhPmoWrFTnH9YM7uUGVwWMvLsYD0jZ3pxNMetcWrO7ZoDpzaqvIKxy4PEHvoWVEE5LZ5tBD5Wk1v4o9raOruKer-oeDwLXOdO0KUEkM16CZnwzWV2PLSj-gP5lt8Gs9S4h6ZThl8YFNPNe5Dfk7yeABmiY8FHP3mH8t6pYnJJi5XkGsQ-vRlgROEYkRcvcEXFHxZTuqw8zGXI8sVleYehiogt8kJVlqq4hHCWmKVDmlPp9uAfIyjeMFmwbVwQYRaxYM3TxwWVWLfxWm3s_hGGEYayGgQrL4VwYrDkYfyuf_fD8JH0EOg88dxLHPgQ8u_C2erQlX34elq9ezpOhFHdKAy7c-FNqo5rmzOCwa3P81RygnkPERj241UOl6hErAdOjzOnAt4RjBJFmW-4U_G_zY5eRCF88ZBKSBYEW_0-VyAPRQJHFktDGjtGJfTBUMsMjrtJROVn5Bfdig9jehNC2yh-WVLYE54OYOtddr8gVIzuKko3Y8Gws2HWz7FkTe13_rLbHX4EAPDchkKM58qYhMiynuPS3ylU4uxvChRmZNmOdNIlTrorRe_4vhVBnin2Zo0FADEuqnzY9U7tVzK33fStvlc9eyb4CSqU_UCoK_5t4qK2FVKCaUpatvA34iE-wpXxj9s63Av57n7LAPCsnDZT-3Xt_3uxnF7H3k6oD0yv-eued0YODgTSDPHYfNTsca4j9_yO3f_IIuu4SizNwhACFGJTEQQWRXqIqiDNSDznGGgGTHvCvES8a9JBj7lPIaIfC3QHh3b5UV-BboC-LnFpnwlg2i5fxOLKgZyP2aDarCt1kAKw8-vKmzAQ1Et9-bvMQXedN9cwNRzH0jNL20LtvDvxFaJop6lLMFdLG6DBHEwEANp61EY8uQ59veDG-xFw3eRSLrhEpcgUBydSrID-tkHPDR5o0NxLNt9xVnqjWIN23Io-WfJDIukhJZ78vFcbg_VkRw_j92_vuy1sQA5BPuzjEPfHU1y5Fpyy6Ez0We2mRqJqBWhLR4cvcclVkA2Qdg-k6h3cg7eGecjVCUq3yyh93hDKIMeOgOrKGWm-Q9FbGH7G1WhbKB7pYpySPfgeiiJ85mPEd4kZj8HEDMTSsD4pxZ1MJ7T5-8W0LR8xrym4oUZJwEmSDnPoVJTK4WkQMzvNFggWOiy5vmweT0iaEsO1pIlrYEdoLeDfJV5usNG7L2Q7g8OLZqXPEFa0UlvFi_eIt2If7x3YKi8beIG4A_LAnYUKkkZKIxaRLlsqaFFJdnyGBG9MWEPCofTE8SNOluvSeziP85zeBg&sai=AMfl-YTgakZW67SOZBiNYCoBkwfs1qHfSmTWGyDPFzhR87OZ4-nZt3Stkasu1NtBFrFu_iXAJ3hk8PrNMFFqQGhtSfOOeEnhwHoePswKGlE82PweTgB6yRJ0SOgSA9oom1IVdb1TpwcJwCCXWjYLoVhVrbeyUBPkLnZlEuN7-EoRAnAIK6sAxPauYFKFVuykgIX5xx4oEihEWNRvk-XVNBeviz-lXff67unZFUBEathub5k1HKGnGXBnvPvPF4chCtdLI-5Le_40xkvsSd8j-u1rs-2ijVwW6APvtee7JLGztT_PB_NdENAkqvX0xBDRgBwnUPkes52DrUnH6w&sig=Cg0ArKJSzIY4sTaME-Y3EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=210&vt=11&dtpt=110&dett=3&cstd=96&cisv=r20231207.90184&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A14 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpgJzLUVChUgr6QTj6QvyvyWCO0Y_92RyjhHoNdu8bJe1BOSlmWyymVieHQ9zSUWL7LgK2rte9pjmQ8ciEYUN2xrR5vMKEWe0FxXsH1LOEKiJo8vcrYRr3365SZc2qd71EaMM1_9ZiqlB7hjFXswwaAyZx6hHPHKz9C8x4VNQ4zyHAZpypTUm4E3Ope3FLA_jpj8Enbz8HNyP64KOzK6QVMeJCx-smKSEFLa78gunQdZAM1e5mycMpzBMRg9n78HZrDdV0nmzly9nh20LPGq8J01k3fBGScI5WiSvwQ0ewP7xZ07KAUWEOWQhWnW0XTJZ4hmMggaApSDZ8DW-tstPYA7Kw_Jfx28aGfxlcZWl2rzf3lNYvz5DexQqa_q-O8SicoAx5jZtG7RZzDqzqtNS8&sai=AMfl-YQbgEGt69g4282cuywKk9ZcgQPANg-pNs7UxjpCMin7peBbSnkIHn4leFVFi2cs1QMh-otfoyWI98xgNQk&sig=Cg0ArKJSzADHGlJdAHkSEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0A14 16 KB
12 KB 56ms
54ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebae9fff2a10d5c5be121a6196e5c6885f5908ff98533ed828d8e3a0cf57950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12107
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D3FC 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 8C06 9 KB
4 KB 39ms
39ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44a50c698138148313b119150ca6eb07948336ebbda7d9a64a8403e192772706

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gkkknac84h3pnth786hnfzkn5dyszx60c5vr1vhr697tsn7zmzqp5vhewvds2f0njcwn36v72zks5616czkgt8gtq075sfwc39vzcaevycmpcv9n39888j4zrkxe2nv9yng4twvk1hsnmqa85gzdsr5yzex5p83wdfe15teykg5w85c78jdeh752wyhjfh4sm7bjk4sb95db41sajcf5g497x4vkqh4232p5e91vjwh4kmr0dbg067btkw3dnx18r1pfxjpteahk8cd110n7kc5fsazdgna8qzdbx21r51ejf8e8kejk3w8kb9j8kv7xqgyz4xkvk66bnabgnq4sjcsymzy7khch943yfk9dtv3p17heafndsccshgksnp7qwzmhacesgcdqt7kgs6619h6hbhsavm4as3mxvm2wn3haa6fzdyrz0y00z3tpvyzpqfptnyydc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 838e2b8ef9c71ca1-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 5023 115 KB
14 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hmdhs9f53dpzrd6yd31nkbagxg8tx6q5adyn6z488vwyxsmn3bs35d31aret2mfxghkn40714tc0dqcqwyse0x3rrdvrwc4dy4raww32skgze6pcbzp6hmy9axq4dprzft2ns4wa0dhkwwvne25p5bg2b0qxqqryk2r14xm68amvs1cs1152pz5pdy583xgc402x2fhp23y2awpmm602q14zx1b48yddpf677xzdw3rghf66j6m01f4wxpd9jf0m439qyx4wn19v21737zajyr8tmph44ekrnrhhn1vhk917cpee2br338rg6h89aq87rcse41mezsmzjj4d1n4enp69ejhkmdryhtvyb4netzxprxdjj7p8nt2fxbg3z1qnmkdg31g16f44ydcyxyecyrr7crx5sn6sqjce6kft7mn6tbnc754pzfwnqjb8r5cek7xcvkcxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hmdhs9f53dpzrd6yd31nkbagxg8tx6q5adyn6z488vwyxsmn3bs35d31aret2mfxghkn40714tc0dqcqwyse0x3rrdvrwc4dy4raww32skgze6pcbzp6hmy9axq4dprzft2ns4wa0dhkwwvne25p5bg2b0qxqqryk2r14xm68amvs1cs1152pz5pdy583xgc402x2fhp23y2awpmm602q14zx1b48yddpf677xzdw3rghf66j6m01f4wxpd9jf0m439qyx4wn19v21737zajyr8tmph44ekrnrhhn1vhk917cpee2br338rg6h89aq87rcse41mezsmzjj4d1n4enp69ejhkmdryhtvyb4netzxprxdjj7p8nt2fxbg3z1qnmkdg31g16f44ydcyxyecyrr7crx5sn6sqjce6kft7mn6tbnc754pzfwnqjb8r5cek7xcvkcxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 706934
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hec%2FHAx6JJbkHtCpfaAN7eTLR9u%2FKqpnXTnp2uEFFL89KKDHsaWBX5J4LIUMIJ6sThv%2BW3Nj9MB7LrJKlCQrpfrmvhA39OnJvpm7Ysv%2BcRC88Us7QhkT294YIzqXBWBGg7CSjWRMDU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 838e2b8f19d91ca1-FRA
expires: Fri, 22 Dec 2023 06:46:49 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 5023 24 KB
10 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hmdhs9f53dpzrd6yd31nkbagxg8tx6q5adyn6z488vwyxsmn3bs35d31aret2mfxghkn40714tc0dqcqwyse0x3rrdvrwc4dy4raww32skgze6pcbzp6hmy9axq4dprzft2ns4wa0dhkwwvne25p5bg2b0qxqqryk2r14xm68amvs1cs1152pz5pdy583xgc402x2fhp23y2awpmm602q14zx1b48yddpf677xzdw3rghf66j6m01f4wxpd9jf0m439qyx4wn19v21737zajyr8tmph44ekrnrhhn1vhk917cpee2br338rg6h89aq87rcse41mezsmzjj4d1n4enp69ejhkmdryhtvyb4netzxprxdjj7p8nt2fxbg3z1qnmkdg31g16f44ydcyxyecyrr7crx5sn6sqjce6kft7mn6tbnc754pzfwnqjb8r5cek7xcvkcxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77519
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL%2FLDyBemS3D5va9USIIs5Tgi5ncbfzlA7F9M8O5woH8vtEzNEJY0w%2FtWgnpf2ukypMu%2BvRVMq4TfeG5W6el7ztfu3Dk32jMcpMTkr%2FO%2FE15Cf7tPkUFtR9o%2FgivdG5ng6Jmaw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 838e2b8f19da1ca1-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
DATA 200
OK truncated
/ Frame 06E3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d83765df9c0a17c075f398cecee0a3498629b3bd4550ba214d60f1f630834fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B876 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame F364 0
103 B 15ms
12ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHZVfPbLjo4c6znKV13p6R0&google_cver=1&google_push=AXcoOmTWwKJjiup-QlweD2mO3UAG5w_8m_HTHQSHvygQ2PzrXF6S6mNJdECmn-CN6c-mS2vsv6c9mdrSsUS2jeavdyMGakCzVPuHEw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F364
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGJSWDJ3Z0gxUmdjUHY1&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cver=1&google_push=AXcoOmTz75ZmVETnU-NtJ9zYVra4_NnotmwovEw2zLDFWtk...

170 B
188 B

17ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGJSWDJ3Z0gxUmdjUHY1&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cver=1&google_push=AXcoOmTz75ZmVETnU-NtJ9zYVra4_NnotmwovEw2zLDFWtk4EkU3LmRmamvUaxnJ6O3BPBrBZXIzyA10Dw8B4EaTGXrTWmTJqjoH

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 06:46:48 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UGJSWDJ3Z0gxUmdjUHY1&google_gid=CAESEC5MVYh-hmqq1_PaVBTSfSo&google_cver=1&google_push=AXcoOmTz75ZmVETnU-NtJ9zYVra4_NnotmwovEw2zLDFWtk4EkU3LmRmamvUaxnJ6O3BPBrBZXIzyA10Dw8B4EaTGXrTWmTJqjoH
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame F364 43 B
145 B 10ms
7ms Image
image/gif 35.156.190.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJFBTlp8pQZrCRNJNhYyGQM&google_cver=1&google_push=AXcoOmQsLiDSFqb93gruksSpNQnAe4XbUDNS83BIqXCqUhJxTJBZb2p3u5J-5eZRDVoWz8Zuaaoo6a_qdKoMhMkywnYNAMDh4HOyqw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F364 0
41 B 15ms
12ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKK01TzmSw9c-T2Om-k4zY0&google_cver=1&google_push=AXcoOmQVKS9QgnFqZB8JxvyzAYZnnLGRczTwhkhCXKz-DNFXUBzk03B96zXZF1KLeDn6C0gQ31JmPbAqlos4av3Th9IcrLCdwnfm
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 21 Dec 2023 06:46:48 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F364
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmTZYWc6nWk7iGo2JLn90DSzIeo71nrQG...

170 B
188 B

16ms
16ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmTZYWc6nWk7iGo2JLn90DSzIeo71nrQG4B6QemS6fmWYamxEb2VSAdm4GZXBw_zv2vEDGpmUpokH9EmhVOn2TxLYB0xHy7W5g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ouee60obEW76uSwPnFKC0cpO2nClHyomliToO84gRgJjQzHNigeXva8%2FyzTg6glBvYYCQ5JOwFwkzSe0EySs7qfp9Lr8osoLnEP3iONDdEVy8YtPoG1Gt7Ey7nwZMmIfpNS4DUjFoMviag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBe5Lpf_SdSmjwRYsfn54_c&google_hm=ZYPfWSHpnNLfpWuV-LZDnQAACJkAAAIB&google_nid=index&google_push=AXcoOmTZYWc6nWk7iGo2JLn90DSzIeo71nrQG4B6QemS6fmWYamxEb2VSAdm4GZXBw_zv2vEDGpmUpokH9EmhVOn2TxLYB0xHy7W5g
cache-control: no-cache
cf-ray: 838e2b8f3c7430e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F364
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTIE5tws7xVdM2p0k9UoxdZZvy0-LAjODAU9zzsS4AaOLat6agY3yBNW2AWOhoXDIe91fQSXo12YEhCEeL320qu_NT_bsrKQQ&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-f469cf96-bcfb-4c37-82d8-aaaee8bc7a46-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTIE5tws7xVdM2p0k9Uo...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTIE5tws7xVdM2p0k9UoxdZZvy0-LAjODAU9zzsS4AaOLat6agY3yBNW2AWOhoXDIe91fQSXo12YEhCEeL320qu_NT_bsrKQQ&google_hm=A_Rpz5a8-0w3gtiqrui8ekY

170 B
188 B

18ms
18ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTIE5tws7xVdM2p0k9UoxdZZvy0-LAjODAU9zzsS4AaOLat6agY3yBNW2AWOhoXDIe91fQSXo12YEhCEeL320qu_NT_bsrKQQ&google_hm=A_Rpz5a8-0w3gtiqrui8ekY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTIE5tws7xVdM2p0k9UoxdZZvy0-LAjODAU9zzsS4AaOLat6agY3yBNW2AWOhoXDIe91fQSXo12YEhCEeL320qu_NT_bsrKQQ&google_hm=A_Rpz5a8-0w3gtiqrui8ekY
date: Thu, 21 Dec 2023 06:46:49 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXf469cf96bcfb4c3782d8aaaee8bc7a46003
content-type: text/html

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame F364 43 B
145 B 11ms
8ms Image
image/gif 35.156.190.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEHwiWbGF-iQ2JbNm1E9KdGE&google_cver=1&google_push=AXcoOmR8AVklBEuVf6roo7JGFDFFi_pIVOnhvzBb7YrhFLLa0LamZxrLPDlVkhgh-_4kW3PKxZOP7jQsxDEIpAU6dcj2QMeopaMDE0M
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F364 0
12 B 15ms
15ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ll4sQWkI8-C8aI5WudAs0TTuYe1r74wbk7IYQLlpOEIr12V5hSKZ4QgMBLZ_h2tmdi_MQrkQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9077 0
0 41ms
41ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=224282422352283&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 92B8 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:51:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 92B8 8 KB
6 KB 49ms
49ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ed423cb6a28678f3ba7777396579f0055554797beaff42bfa1da78e2d049650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5905
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F38 13 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 19:18:13 GMT
expires: Thu, 19 Dec 2024 19:18:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 977E 829 B
560 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e2db64c7527b5dcfe99dc3876bde8b9d6e85241d973ece281297285c6b995f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kSAxFpedAp_ct23xHLG6Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kSAxFpedAp_ct23xHLG6Xg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: Thu, 21 Dec 2023 06:46:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0A14 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 8C06 115 KB
14 KB 22ms
21ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 706934
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMPx%2BF4g2CuIFfyQJVjIY7gQInm%2B6Q6q79noXmnU37tlC8iOiOXUzowRfMJmj6SI4%2FGUcrQ51kQ5kOiQtZINY7F85rH8sfbn61PHc%2BetdU%2F0MkZKbNh1014yW2fnywgYCcuEg2aH9AM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 838e2b8f4a031ca1-FRA
expires: Fri, 22 Dec 2023 06:46:49 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 8C06 9 KB
9 KB 40ms
23ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3550341
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GslUnOaUPXj7pXphwjpb41%2Bc%2FojULLlccuIaeMcWCjKGwoJzdULOc2iYDSL%2BVHsiLqQ9x2AE4iJZGFy3QAbjwUgHWVX8qhNJssIaaZWnH%2FF38HPKYesE%2B%2BdetNswEySQ%2B3kTFS7BVQkBUtO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b8f6d7c18e4-FRA

GET
H2 200 7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame 8C06 21 KB
21 KB 39ms
22ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1726481
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 21332
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:58 GMT
server: cloudflare
etag: "50190e2f2596fbaf0b3827698ee24008"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5kvytKzdrWUAXILdXWO4YUlFLiI%2B3E%2F3lXk%2FxGqF9hrSzIfXOaC%2FI6gotdbmXN%2FnOM4cpUy5aNSiTYmvuZg0sz1DGMhNpSPwFLMGayTZYAi5HF5gEW24Jre72gY7YfLBdfJlQxgO20K1XVe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b8f6d7918e4-FRA

GET
H2 200 2aed39855b5f46b72660fe7fe4b2634f
pv.medialead.de/trck/epv/ Frame 8C06 0
327 B 67ms
18ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720104378","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 8C06 4 KB
5 KB 19ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24870
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dpr9ipH%2FvRE4qpLD%2BcTTwP6yH7PSVckaVkFKYofCBN%2F4pgTuyDfLTIObEf9OGleFq3tZYpMXYCXA4bIB353fGmoB73rVc8YQHPT8%2BigcWjBCDoIuZW3oA5pvZmngTYL%2Fo8i4VRfGWE0ePAAy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b8f7d8818e4-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 8C06 15 KB
16 KB 22ms
22ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1986794
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jhSy4KT9fXf7AJPHdpEd0hoa1Az32Qw%2B6VsX9e9IMhEG%2BsTJcZ52SViwz3G0KkWr0cdD6EnRwOHgdrWaWwLmkaHRPkOm3zWYOYMAkguRLiVa5jGzCjsd6rYn%2BMFbNYnYXkbpSKtE9%2Fb65ow"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b8f7d8a18e4-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8C06 43 B
704 B 95ms
56ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 06:46:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 8C06 2 KB
2 KB 20ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 34151
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Frppy4vntr1Mg86Rbi5FOuDr1XOFg%2FPd9xq5Tv7wrp4ncI8RFyYuGznAjH5XfRzFlkpJaprcxFIITpZZWXQYlA5YgLwlP%2Bs9uk2VsB3Ghxhi03lA%2BLEU9sMVxunHE03HfAAOqqR%2FTvl7lUKs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b8f7d8b18e4-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 8C06 23 KB
23 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C19769%2C117569&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=744f0ce759df0a71eb76083db091d9e4%2F10002011977700085702&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209313&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jrb01d2knbfkqcexkyf2mwg9xze9spjd17mk12zzxmy87t292hcyzhmstf4dzrs70nxzp1941ddst8chfxzhhmese0tb2y1gz6hwwvh0veh5zckx8rxvp22wf2wemmw9t7pzm2qfv47p52nz4j43mdw308f9f53j3pw2nnst5xhdvcdertrgjh5ccenkkw76g2smpvm91fn5dc736xznzabwbwsqsegcev1pftqqz6y44t3kcb3gvqyztvs8g34d38x22grbrah95w90ds53kgd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCvCJZWN-DZaPkK-Gs5LcPxoOpsAWQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0wFP0M7S66V-_N6N0zMyrEjmglbCvPqbapoXveHHpRfaxtnevTcZsJknDfmUOYCE8ts2ZlDuNc1Cr0ArLNbcZXRMO3YOhgmFg7KAmdVnCEIwYufA8dBZlTIwQ3VnEfrQTgGCPaa9OOjIqBPP2AnzNy-8z9RzVx3n_N1hwS_r_QQUEdYRk4y-XzkUyBb35KvVcBFI4NOj-NQd_x5VY9matjO-zad3YeZTpDpGw0O43f4MdfDDyo2AXmizGK8W95eQ9izAZM99t4p5mpYq8a3R_YhH0Yy6gAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WK64-bX3n4MD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_38jD7TGM3zFR0IQ_LVfTQceZ5rCA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3370142
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2clO4O%2B7jObesKmitqKTD4Veg67kiEPlTY7KwTaGNY0MZ%2Bdjll2WnCjuU62wdcszRiM4AAh2z%2BX8q8wnhHMSskfT%2FCN7lR3vQO3tGMaL3Hax0Z39RYXcbGnk0pm16o4%2F%2BIJCBaaIXP7eT7f"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b8f7d8d18e4-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8C06 43 B
704 B 126ms
88ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 06:46:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E223 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 31ms
31ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 838e2b8f7d144d7a-FRA
content-length: 24
content-type: text/plain
date: Thu, 21 Dec 2023 06:46:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3d7JxEjneFAxjLvYjPWFzp8MA9OTBGmdZQU2oWpnU0tUUji8KtqPiwudXHr0Mjbv%2Bwg0xnVdKFDmykiUAeitUuplAn3KwoJ1Oon%2BeZWNcs1KocF55E6FlkmO7h7eIvyM1cACYc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-zz7l

POST
H3 200 rs Show response
ad4m.at/ Frame 6DE4 2 KB
2 KB 35ms
33ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827b681b94bf2cfceec96e66d640306f3777beae04d28acdb97d80c83f03453d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4TNBgAoUNxYSI5nhd%2FU9nZmYdsx%2FrisM3ritmU7WYMDJr3uSofXjnZ9ZB8LjwOI21n0QHd0J6ULX%2BaGuXd3D5bwIZsRmrUlVRTHw8sfcfo6SfVn9LT6uhQuZM1QTS59hRSBZ3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 838e2b8fbd8b4d7a-FRA
x-backend-server: aa-reachservice-group-europe-west1-zz7l
alt-svc: h3=":443"; ma=86400

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B202 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 19:18:13 GMT
expires: Thu, 19 Dec 2024 19:18:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BA54 829 B
558 B 17ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

35a1daa37454a8e44959a9fd08fc0f7f73fdaea2415af1116ca1ea4f05826646

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-B-WMivfyEHHCegt-h26Cdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-B-WMivfyEHHCegt-h26Cdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: Thu, 21 Dec 2023 06:46:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5023 350 B
903 B 58ms
19ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1825054
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=af05mUSRB9Fl3t1tKWSNpvDJXYqIAt5HoHsAa7ErRGCjzEojFL7AeoPigjK0eh60zseXgP2DnDwtORRuLaGXkYuynQqEsYTovaun0LG11ko8Q2wJROVhYsJXsyNBl7Dfd5hFT93XihFJLgqU2PNeyHFX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b8fdf196931-FRA
expires: Fri, 29 Nov 2024 03:49:15 GMT

GET
H3 200 728x90_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame 92B8 80 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e44e8a9cf91c3d915be31bc1d006e1df1cd438c981b592f966c059739694ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19263
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 14:40:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 07:01:43 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 92B8 17 KB
6 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EFB4 13 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 19:18:13 GMT
expires: Thu, 19 Dec 2024 19:18:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A73 829 B
560 B 17ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05f18d7deb515f03df5a908dd7f5cca70dc22807643ead22e1d8a351d882da4e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4RqFvTGAn4Hdw_em9fS_Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4RqFvTGAn4Hdw_em9fS_Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: Thu, 21 Dec 2023 06:46:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 6D79 2 KB
1 KB 20ms
19ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 270995
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 838e2b8faa511ca1-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWK%2Bg4Fj0dUZzT0pCwxkkt5lDd9zLOuGQb%2Ftdo6cAlnsC5gDCLSkkxCs3irxaFZ2hhhs%2Fx2nYVkheV7XBjRs%2BsoRpWwZAPF4ILgMB4SVv4rDXn6WG5X9%2BhHBk7fSXHTLX62U8wE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FEA 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBeOFWN-DZauCMKKR5LcPp6a2oA0AAAAAOAHgBAI&bg=!Tk2lTQLNAAY3kmNgF5I7ADQBe5WfOHBF1SlmwxJYOoashHB_521AQBhxz5sKaOrNjE0BVsWjNGq_JfH_rmf34UISoD9vAgAAAKJSAAAAAmgBB5kDbhmuGezES4wegyIDy-BeN08HQiba3ie8RZaoCSrjfVzjPXbQkltQMo6mx3yMB1BV4_N36Gq3xhwtR-_WLXniuIqTM4-AL4XGUwR9C98rjhsneo5rYdf_hRl5NQbBbjZeC8VOeFTR_xTOmI9dThguBrtWz5DXS3M5xDLjN3tPBc30u-iJbfWUOekq_Wka6j6xUm7EIu8ZiuLaEMMOJNYb36Kcr_br62iCAVlc5tJOngHHclg6DS8F36bP4li8A_guq3hBq-2xWXi8Hdj2UP9X4q8EC-ZSPoXqQDBInWN2ALV_eJiFj1LdBwkmrWNOfVLL_doNTCzuhspwVS1s8_lFGLv8UNhr3-RAILb7FSIlBcLUAj2TKtnJzMyu20Tulv6bFaMx6VUMpAkpX4obPAUoAP2zTI3HZyDcGyOQh72nE6DgsZZTBLC5o6F6NLS9OQoVNfAQX8AMBongG73QkCLbFF7U9ddX42xY3pWTo2Obfoso03Se9pJrFG6Pzgg9rvO2mQi0B7HxJ4FS38xm4sMOva5rOwcfRFkgtsZ8EVa6G9a9BAfNn-gE9GAjqEYAdvJfnx-GdbGmj14Dnl6SL56wAxUkzFNo07CiGIXmweuLw-3cO0JtkfkzR18eevw4lEU69mWDOXOVFdMjimaeOztlrzXEx6F_x21rHiVJlhDqtkwJlKTGzFWu8QaossuFKjjRV7yhXWVBk4VR3p6C4ZNKN4ZkxVCF5t-aiHb0Uh76SPDiA63b8Y_byFjOLLroo6auGZZ_zpmivXPX1wZLomKPK2BbT2YuvleBoxtXfBjfdVdguqFOz-DcTP9ZARKqx8cRFHf9f4boOWiM_6g_Wr22qovdo-V-_cU93uEL8FF5eKVaXkPLOuDDrSkJfK4ONp4kNHTA0jnntKRmEBDgoc4S5uvdaoca8CpWGx1CKcExRQhg5v8Xso38DPAOM0mlOmdFRkwaJKBty_e3QWb3wmb-JIXjg7HnJJb6q8IiKy1qAZggTaMLlh4nXyg_QFgw-u2aN1y8vRgijc_aszveKXE3uAsuBZfZ4mU_yoWYlA7LZ7V0Zcikjpbyg4HYKXuKI5TsXWgkadX8LbHcVxeT5_2DfouiQidQTQf7NvODeeXi0RJ-1fbkMIsonlaLp5b9jn4Q-a6ghLa9hgABUbAj4sNP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 977E 0
0 42ms
42ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3211755927192484&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F38 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BA54 0
0 41ms
41ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2764356450645395&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B202 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame E830 11 KB
5 KB 37ms
37ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

162130d3448f12a15730a0ff8ac91f75b69f7ac115770b1aa31330d1cf33264e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h2n06t6rzbmppjfarrgd9gkj80ncr21f48jb2t7echjvpfmreb04gmezx2ewz40kw4wrhwv6re3bbz3mm8y7yp7spsdrcp02hzsjagm3kjas80xtzj1q8b68n1crggtrqfv4t08n4yk3c53qf7j1fe1dsb99cxvt3ztpw4y15njn9sspd5e1fdgt7f6p3cc1rm68ewrd9381de8dmgzt91r57nszfd4h12573fx1ayq65ksjrs2jjpv9x55t4jxra0nrcf8fw7edffygt9dfbj7bgj9a081z5xe1t53kq5mvaym9v7cdrwx583dtc65mjz6a589pv0ta2kkezhw4g6avckrzd7hwka547zq42pyg1eah5jtkb5basqbg1t19xj5sbj32j7xa5xrg9ssdj6xrzyp95kqnc0hngrrmeabjgpm9knbagb2we447csf3x00nr2b7r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 838e2b8ffa981ca1-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 06E3 0
19 B 50ms
50ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cz_g8WN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTNAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzPns26jmuUpkSiZwZhStbNiQJz3mvB3M4_bKCGMI5NeFCEzXLZapSABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=1skuUFk0K7s&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_AkEAexBsVJaX0eP-Z949Gp7fHsnwFTqKzhZGHledEaJe4JcGGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 06E3 0
11 B 19ms
18ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kbfcwh1exm70zn3e5rttf0ep3pk5fxrvbqd07v1whndhzv3c9bv34dv09eyc4gywjg72r7vjzvejzae3nb2f6vhdj0m90q7mqt5t3e03ch4jw72bxeyd451c7edqhsge3922jm4x2pkmnnsn7v3z6caeydrg619dbc38y3tydv7989cwjww8egnbwmmtvpjcrx9873d7shafz9zjm2367n8rcxarrhk84zrfr7r8tw1s5bdch3h75g1fhxeg4jyw4zr2t7qbxgrawet4natq3k2d8e433wf52ghd1p0xta1kzeg6wr3qm8hvd8gxks69v1ksxadsmxr6sj6b31j10pdfqa65rfv90j7zc7hwyzmtmybvgy7sjyfnb8x82azcdqyp5qjfvg0an0&b=ZYPfWAAOU4IK7LeWAAqe975g6QVbCQCSm8w0mA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703141208189&bpp=313&bdt=171&idt=660&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=403&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=4082199518&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079758%2C44798934%2C95320885&oid=2&pvsid=3853718522373933&tmod=1669376511&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hbg5n0rfinfl&fsb=1&dtd=663
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 21 Dec 2023 06:46:49 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 643E 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A73 0
0 41ms
41ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4409605273235972&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 92B8 6 KB
2 KB 7ms
7ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:36:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 11:06:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:51:09 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 92B8 5 KB
2 KB 8ms
8ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:57:04 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame 92B8 2 KB
1 KB 9ms
9ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:58:13 GMT

GET
H3 200 NH_D_NA_New-York-Best-Age_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 92B8 53 KB
53 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_NA_New-York-Best-Age_728x90.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5de7bf572ade3048f8668bd24935731e84aae70020bef8a6e223e95ae3e3ec96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:45:11 GMT
x-content-type-options: nosniff
age: 98
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54542
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 09:16:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 07:00:11 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 92B8 50 KB
50 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=ixfvXlJh7S&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:32:08 GMT
x-content-type-options: nosniff
age: 881
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Dec 2023 06:47:08 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame EFB4 39 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame E830 115 KB
14 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 706934
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PD4IExJrME0e9kjuKjL5vCOACFDyoms6Bowz9brmShRMR7vt1APsfY1scTNC%2BJRs0GrB8eUsnwoCMgJdpTNfCBSbH3pKgNdz9VylS4orsITI0FuZZt8p9n6KtkgR%2FqKxq3OxiwWPc%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 838e2b907aea1ca1-FRA
expires: Fri, 22 Dec 2023 06:46:49 GMT

GET
H3 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame E830 5 KB
5 KB 22ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45050
cf-polished: origFmt=png, origSize=5231
alt-svc: h3=":443"; ma=86400
content-length: 4680
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:43:53 GMT
server: cloudflare
etag: "f16f7910a6ef14de318e485901cfa4a3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quExmDA%2FXLw7gYFfO%2FELRnFyiBrlxBX2luU%2FXAC6itmcbCipMEa7uaBTo0JNxz2QcT594OiEzGIvo2I0JcId11HVEqDqprB6Niy0ca6ccGU%2BNYlnkFdY4L4WMWtpHEDZccsb5fPzMu24YDLA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b907aeb1ca1-FRA

GET
H3 200 B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
assets.ad4m.at/product_image/ Frame E830 34 KB
35 KB 23ms
23ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 274092432a2d58df5ad52ba6b516d96166bada65843299fdca4b8dd6db1d9e89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1738887
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 35068
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 08:00:13 GMT
server: cloudflare
etag: "b517cdc8d5c29fc9ccb387e83f875610"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H38G6ieuCz19YnPQAGIDx41OjLV6ngCzGnN6HWxWp3qCBD%2BVBzaJbQ7wtUKkKyx0Jl3H9sLQP%2FqGhSPedM0qJXn3bdQeNDViEzgeYnxUXOmYHIQSYmNoznWhJDk6SRFv%2FqD1PAGeP6nc3AXk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b907aec1ca1-FRA

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame E830 8 KB
8 KB 20ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35401
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kudZwQue5CRwJSsvi8VtQj6RtlNDoWbCOC%2FYFUPbGenoP%2BteFgPQSAtSM%2BD%2BaCfu1KpT%2FqqAZyamANkYS0hIdmPGU%2FAT4eZYCZc6pMydvVj%2F5%2FalYGy46jx6AaBxRRrr7Cv0mlgckcS5u4S%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b909b031ca1-FRA

GET
H3 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame E830 20 KB
21 KB 23ms
22ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27054
cf-polished: qual=85, origFmt=jpeg, origSize=23329
alt-svc: h3=":443"; ma=86400
content-length: 20802
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:54:32 GMT
server: cloudflare
etag: "e320c43993ae8577c544483e96756c59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qpkkfTF%2BhTjytoGFs0IM5QU5sGr300aSuFLg6dmyBgdPW1r2BN4AYyN%2FJJ2NqwxQ09m5oLDe8nAubqeZsQBZjgZkIDHRK1HQhzWPvkA14AqTpk%2B4eCJmAj1YrZDoxejazcdW%2FozR76khAho"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b909b041ca1-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame E830
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMDRubb3n4MDFSmY_Qcd_BIFow;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122107464991488367715X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite...

49 B
1 KB

53ms
20ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122107464991488367715X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023122107464991488367715X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 21 Dec 2023 06:46:49 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023122107464991488367715X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023122107464991488367715X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame E830 7 KB
7 KB 29ms
28ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30803
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c556R0SCTO8a1O656%2FjuexIOoc5G75tDGLOnyJ1l7qzbzoRPaDBhOBwbX28SFLeuF8s3YzDzgqEglS7XhnBTdnjfiVEmVWTOVbitN1HPu8L7VWxTudprxps%2Fg21ggccthSII1AKVamaRap67"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b909b051ca1-FRA

GET
H3 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame E830 25 KB
25 KB 22ms
21ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1290152
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ra0muptbOZ6G3OrddyF%2BHnXgUfmqbspxFp%2FtiQDHImHLvYu94Y00Hq9rXanAX4UhiRAdA3j%2BbNV9q25NXNlk9sC%2Bm4T26l1hZ81Jy4eGqMbeft4gLqhs%2F12bwmUD0eT9JCrQvrclhDOGYvt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b909b061ca1-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame E830
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1703141209_b794a160-9fcc-11ee-8661-22610dd0df18&insert=AW&&gdpr=0&gdpr_consent=

0
492 B

57ms
23ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1703141209_b794a160-9fcc-11ee-8661-22610dd0df18&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 838e2b911b9a901f-FRA
content-length: 0
expires: -1

Redirect headers

Date: Thu, 21 Dec 2023 06:46:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1703141209_b794a160-9fcc-11ee-8661-22610dd0df18&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E223 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?89BMVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7DAF 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumUXh5d36IdIawiNMu2WhHWPQvIRXnpgHV_yMDJMo87oQU5OWpsSzv1tdaRlfxXMawCIrIXDZBZPc9bgul0BdV6bZ0POb0JDKTcdxse-xiHlp2j3NtmGhXQlA7mm1UHVKdH261IuB700RiixT2b24CWVxomn-TNPtDKdm6R8lKYHfOAsd1X97_EMp6PFYnsphfhMon1iFIRtxihy3J6EbCNhtDacFADEzkw1HmyxYUjgnQZU5GrO_X6xOYri2gXzfB5l0oyCFqHXOu1w3NqRJ9p9uoty41DEK9BpStSXpgung7Je5Q9kBAwVa5FvJZLzqy6uAHQ6010uuzPqR1QVuWoH7NLyXUnUh7HHW3jmNVuuatV_HjhWp-sAgXnmnxl6MPR7CRhmwqZPHlESsGTR4_&sai=AMfl-YQIDwVMYOGS6_mxKKDm2a1BXZLAvRuzNsQe-qbdGqcC3hjB3iI8iAxHZ2pum-nboi2MpZvmtzCfi4L0yGI&sig=Cg0ArKJSzL5c2xu5zoFBEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7DAF 16 KB
12 KB 54ms
54ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b9e64afb7fb15e604c6b4822a72a933073e8ad51479872ebe77152a6b413c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12054
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 5023 2 KB
2 KB 31ms
31ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97c1b5fb5a01fa52b1063fccf1cbf7dd91a6749cafec6407f04ffd7824295d30

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZRuLct4lHuZeZIUtYNpEoW%2Fek2cB6OA08Rm0HcBSGQwtjCbx9vCDb8slZrse%2FZR2krQLQsRoVNsY0Smo9iHZDlcUo1ZPJSPO7KDUv67Ros8QrnqsXmJH2jPi0ZUw4gvbS4K%2Fys%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 838e2b910ede4d7a-FRA
x-backend-server: aa-reachservice-group-europe-west1-zz7l
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 27ms
27ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 838e2b90deb44d7a-FRA
content-length: 24
content-type: text/plain
date: Thu, 21 Dec 2023 06:46:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Rta0s%2F0joj1Bn3bUlPQSmhc7d%2F93s5vnGsw2Oo%2FxIMp6IOuQRM0COP2WMRBOoWKbJHEnLSlKkLyhdQbR3sJleiAINBXIo8AWma2Owe9blaFBEeH9Dj0K31%2FzH2jEdg9YLJdQBI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-zz7l

GET
H2 200 link.html Show response
track.webgains.com/ Frame E830 2 KB
2 KB 141ms
80ms Script
text/html 3.9.151.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jv7g7z56z22zjxprb52zg22b4062hx8s6ket8j13d57v9bpf2yvr8634w83fmdas88zq8efkd51x0f32z77q65j9sa8gpe78jes07hq5d0716s50t0bxn4tbkn47hq9gmxh6c524gabnfrpfcckkye7b1vw5pg3196ctyxadm3xdp6thc1v0necbj30wnb1gv1a8jcazpr3dwyw6v49mk5rw4htt32n4q8p3jdffymrks6ja9n4w37mhnfq3r9bypwh0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keboneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.151.155 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-151-155.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: e3d83495e1ff638b52407ed3152bdfb99cd837e6fd744e9943f46056c5e53d94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
last-modified: Thu, 21 Dec 2023 06:46:49 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 21 Dec 2023 06:47:49 GMT

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame CE7A 44 B
1 KB 43ms
15ms Document
image/gif 144.76.159.126
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.159.126 Sankt Augustin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.126.159.76.144.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Thu, 21 Dec 2023 06:46:49 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7DAF 17 KB
6 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Dec 2023 06:46:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3F38 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZiJkDQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B202 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0_OwzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D81A 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Dec 2023 19:18:13 GMT
expires: Thu, 19 Dec 2024 19:18:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7147 829 B
560 B 18ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b939749db948eaea84109ee57894dd3ed57f7118e239e341c202d97ca58afd45

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rf7cZL6ZubF2TpebfxPMZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Rf7cZL6ZubF2TpebfxPMZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: Thu, 21 Dec 2023 06:46:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EFB4 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KwXOLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 8F7C 14 KB
5 KB 36ms
36ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9803714dfd9b56be5037e4cf66cb087f8ad9041a8a3d134a2272fcef57e873ee

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hmdhs9f53dpzrd6yd31nkbagxg8tx6q5adyn6z488vwyxsmn3bs35d31aret2mfxghkn40714tc0dqcqwyse0x3rrdvrwc4dy4raww32skgze6pcbzp6hmy9axq4dprzft2ns4wa0dhkwwvne25p5bg2b0qxqqryk2r14xm68amvs1cs1152pz5pdy583xgc402x2fhp23y2awpmm602q14zx1b48yddpf677xzdw3rghf66j6m01f4wxpd9jf0m439qyx4wn19v21737zajyr8tmph44ekrnrhhn1vhk917cpee2br338rg6h89aq87rcse41mezsmzjj4d1n4enp69ejhkmdryhtvyb4netzxprxdjj7p8nt2fxbg3z1qnmkdg31g16f44ydcyxyecyrr7crx5sn6sqjce6kft7mn6tbnc754pzfwnqjb8r5cek7xcvkcxc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 838e2b914b981ca1-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 06:46:49 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D81A 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 13:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 13:11:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7147 0
0 42ms
42ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3853718522373933&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 8F7C 115 KB
14 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 706934
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KdJghtF3n7c71mMM6AjWj%2Fn%2FotXsDEva0cqGN2pq7j0XJViDRwcIwKOJSP8Mu8JlG4KoEvhdzNoagkByOUOefdTGfo29K5jhWjb08Xl7cDbO%2FLbV88Fl9IwMe2Wq7aiPKY5Xdhv8RM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 838e2b918bd51ca1-FRA
expires: Fri, 22 Dec 2023 06:46:49 GMT

GET
H3 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 8F7C 8 KB
8 KB 19ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32827
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITF%2B69%2BDtZa%2Bzd5PmI3u%2F8H5OGQK2GzB4n9uY7xDnXvnA8%2B62rRJpgUdydUgsve1GYn13AOCWga3u1b3SeQmuoIXbduyabK0E8QVUCzPBajNDAuOpF%2BFUKOm8dafpI33Dipaq8JMXy%2B62tnj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b918bd61ca1-FRA

GET
H3 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 8F7C 11 KB
12 KB 20ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24806
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcW6M2Vz0vq%2B0UepuQPn8jfW0J%2BqPMPxbipM5rDzPhhIU1c%2B79cVMSjTeX6Phu0XlsFURtNfxUzIMs8LBPb2pV2iUyYofqi1WdEbrC4imyQCHaMZWwNro8AQblc0yn75buENcxXqez3VItHX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b918bd71ca1-FRA

GET
H3 200 F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame 8F7C 9 KB
10 KB 20ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 558465
cf-polished: qual=85, origFmt=jpeg, origSize=13332
alt-svc: h3=":443"; ma=86400
content-length: 9604
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 17:02:02 GMT
server: cloudflare
etag: "23e86ef8ba51d351917574e3e8d33ca5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INslOMqTgbu8hVdenUOJMR82Ofi2rKQ6GRwxANCPbpKKSrP7aFc0WIC9JoxKdD7pT%2BarmZroRTzm6W%2FwioBhy4tcXWRvp2%2FV3cJCE%2F44WGuZvCyDqtpE9mhJg%2FVzV9WYD%2FU1iwQq0DD5LypW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b919bda1ca1-FRA

GET
H3 200 96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame 8F7C 38 KB
39 KB 25ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f69ebf9ca7ae850e32198a052f55963edf2902c4c59db49df9bfa7a00e1cbca3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29367
cf-polished: qual=85, origFmt=jpeg, origSize=40773
alt-svc: h3=":443"; ma=86400
content-length: 38886
cf-bgj: imgq:85,h2pri
last-modified: Thu, 02 Nov 2023 08:21:41 GMT
server: cloudflare
etag: "a04ac696e19d12e5d2c10644577cb8fe"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsUlgnU4MEipxEhRzjc4vMy%2FvVRDhCZkgQsO0o3d7YC03DjLFILitunSIPiO8EpBDihyH3AnPY5YpCcYv3iXizzwIfSbq6i6KX7JOCOVHm83MZTmipzlAIDvH4PM5Ig0DKBQHkhJUrMkpEOO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b919bdc1ca1-FRA

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 8F7C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKu3w7b3n4MDFUaSgwcdP1UGUA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wVoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703141209_b7b521b0-9fcc-11ee-9488-2234841a3abe

0
549 B

58ms
14ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703141209_b7b521b0-9fcc-11ee-9488-2234841a3abe
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Dec 2023 06:46:49 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Thu, 21 Dec 2023 06:46:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703141209_b7b521b0-9fcc-11ee-9488-2234841a3abe
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame 8F7C 10 KB
10 KB 21ms
21ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32094
cf-polished: origFmt=png, origSize=10653
alt-svc: h3=":443"; ma=86400
content-length: 9924
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 11:11:38 GMT
server: cloudflare
etag: "ca1cf24fc82b7541b262f0d4b15a8100"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2t50fQY8qyKIXZoOHPn53Igf%2FGAv%2BJNw83756ka0JqB83FscimgAmtlIinqWBhk4cSX64Bc62X6AmkdLJZlX5Rc%2BJl4yPcSWQK6gDyslSwlsd%2FmjLqEqxDXNKN6g05GKhjVPLaotAQsXD5dP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b919bdd1ca1-FRA

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 8F7C 28 KB
28 KB 25ms
25ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3206544
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28452
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:32 GMT
server: cloudflare
etag: "ad60aab65075d58e4390c75c7ea7b04e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYttoHCIOqQU7FBFI4Ebb29uZ%2Bca1lri3j%2FJLLG89HCFmSWgEov9DYyrqWEiG3ZWzTIfgpu3BLaQgSeT2FNufEqt83msxFLdvoxRJ3BJjhKvdaDh1eZ%2FY%2B70qKmK3mRVatRVGuoTR8BweGQp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838e2b919bde1ca1-FRA

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D81A 0
10 B 9ms
7ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?29wP0w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8F7C 2 KB
2 KB 72ms
71ms Script
text/html 3.9.151.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jwq6v255zq4eqdw7k5xbka2den0jkkkjff793xr8n4ry4sc2xpekqbjqnrfwvpph6g4h54bq46zwwe6jhgwg2h5c6mhtay4dbz13z1hhx32trct00vs2pjhj9s1b95scdc3yn2c73ekawnvtd8xbg5fn0zqgf0kghf3vfwcae93at9q7tg6n4sy755xstpfyvsnyjd4x6fgxvap13g535d31kvwpzrt8dtdtz2rmyrfjn8qk01f924x8ek2pdqfp6zg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.151.155 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-151-155.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 2c105909f98456ad56f1f95391eb57cf6e64d8060d67485d166a0256ae621f95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
last-modified: Thu, 21 Dec 2023 06:46:49 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 21 Dec 2023 06:47:49 GMT

GET
H2 429 link.html
track.webgains.com/ Frame 8F7C 0
0 27ms
27ms Script
text/html 3.9.151.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwpvpxpd7gvxvnbawrsd8z3xrcjxcw817jgvmqfy0wkeby77pygkaeprkmjc6nfaj16eh5k3ynpw7915mdbd5jb9r4ep33fcs42ft1h3c0rczsd88ddy85qd83hp0wfx6jjavx1k80nqwk5nneddgez0c30751s6qqweznczc3dmh8r6853kxq9cg127b68qy70k25k7m1kz3vhvyhrdd6y9myed2c9frh1td7cpt2s8rjzj60wvmzybdsw9xtyngd0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.151.155 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-151-155.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 06:46:49 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame E830 53 KB
19 KB 75ms
17ms Script
application/javascript 52.85.92.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jv7g7z56z22zjxprb52zg22b4062hx8s6ket8j13d57v9bpf2yvr8634w83fmdas88zq8efkd51x0f32z77q65j9sa8gpe78jes07hq5d0716s50t0bxn4tbkn47hq9gmxh6c524gabnfrpfcckkye7b1vw5pg3196ctyxadm3xdp6thc1v0necbj30wnb1gv1a8jcazpr3dwyw6v49mk5rw4htt32n4q8p3jdffymrks6ja9n4w37mhnfq3r9bypwh0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keboneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.92.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-92-55.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:59:03 GMT
content-encoding: gzip
via: 1.1 e37f79ad8aac2f2f2e74a09fc473b7be.cloudfront.net (CloudFront)
last-modified: Sat, 09 Dec 2023 12:01:22 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 17276
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7N1zUpVeeJfNtVeudKKW1MN7dFggL6qW6Xjp6peuXtr7R2LmugU5yw==

GET
H2 200 1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg
cdn.track.production.webgains.team/287405/ Frame E830 55 KB
56 KB 64ms
17ms Image
image/jpeg 52.222.191.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg?Expires=1703141509&Signature=L1rdKmzm11907M1l~EmRCF5Tn7aOB9nGIoi0xWl1iok2cUlKteleJYrN1DgkuBMqCcfEp~HXR9G8E5CHt9895TfocwmwKOhMQLWk90c7c4PlPy6zymoqeR8CvyL1Ro0ttDDj~fprPDyUUF8BPvyr8lCdvJZFRz6zF7-5HtkZkmGvovKjVM04fbnuEa159D1keiFckWqCa4ZaHkcNmu0A2msUvRfbEkZ3xSXxebEPIzF68jP09kpx9CHzQATa1vm3x3820Y0KyiZzsj7zk7naSdtKo85FicNB2~paH8RspeMF-Yn4vYTGt3wvNLPYLpY5hAXtAPk4Bz6Pbe5jGkxpCA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C23576%2C537178&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2C1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2Cw7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=120&d=600&e=&g=8cf6a43591fccc20b0076b929fc30251%2F17241071206054002637&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209477&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kwxbp6bhvsjns3e5r1aey05bpp84wt7pehs5s81dpttje05ckd1z11k686y63f2mwknk9mv8f4hp87gqgxwrtfc0j3cfzpwmjk09fsvrsvg731jb1jdxbcx0p2wwbrwncfez2ddsfx1xcvkbnkzk4bm2t5aa3vm5wznqc1ymrfpk28qkbek21ybs28nww26s3syytr6v1r2vb7f2zf8585k85rknc8gf4qw7qvwp3mnp6qkddvfkbc0whvg8rzrw66tyhbq414dj1g1dw64p15g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtP8qWN-DZZPEM8TG5LcP86WskA-Q4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLo8OOZ41yyPqgDAcgDAqoE0AFP0JFozDTjksQ3ZJm3np-0PJUdnmyx9JRZqtyRwpBR-S-tUCXJSPW0QPYgTC__i0PWy9X1PciXnxdkSxhjrz1F0yqX9kIuGIrrusKtmm8IPU63FAZmlhJjs_XW5U6chSRorQC9aM_sHWql61rgb53XWqaLh6qn6aLrKJDa22IDOSqDfGf_cz1oF4Ke5gIa06YXtLun3a-9_193ykMJwp6WVD9B8rtzztESzR-m7g3-sd4d_XKxpaJ_R9rIIzlUudtSRVzeD63OpgxyP_EiMXTjgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_aGBtvefgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0s8O3PXvgX7MqlmNqmQIQ4lE6aFg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.191.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-191-121.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 21 Dec 2023 06:14:03 GMT
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff8.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 73937
etag: "4e56b45a1411ee8d71fc40bc011df5b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 56674
x-amz-cf-id: LtgnBDeiiyuCHmzUJVsm7mci3vkfUk9-dvsuzc5dy_hG34wFOfPruA==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8F7C 53 KB
19 KB 19ms
19ms Script
application/javascript 52.85.92.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jwq6v255zq4eqdw7k5xbka2den0jkkkjff793xr8n4ry4sc2xpekqbjqnrfwvpph6g4h54bq46zwwe6jhgwg2h5c6mhtay4dbz13z1hhx32trct00vs2pjhj9s1b95scdc3yn2c73ekawnvtd8xbg5fn0zqgf0kghf3vfwcae93at9q7tg6n4sy755xstpfyvsnyjd4x6fgxvap13g535d31kvwpzrt8dtdtz2rmyrfjn8qk01f924x8ek2pdqfp6zg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.92.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-92-55.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 01:59:03 GMT
content-encoding: gzip
via: 1.1 e37f79ad8aac2f2f2e74a09fc473b7be.cloudfront.net (CloudFront)
last-modified: Sat, 09 Dec 2023 12:01:22 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C1
age: 17276
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RP60TsX1Q07jtt5AcpyemTlZx4skjV7FkjJvGBiF423_Bjb6lmOPSQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 8F7C 15 KB
15 KB 22ms
22ms Image
image/png 52.222.191.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1703141509&Signature=KIgnwyBe2GS9Nz~MUe8L4MAO-3Cp1P~CMA5sXtzzpYUHA9-G8R5~9JfzB~MG7A5WnWKKdIctGKM~sq9YWL8H2ORdrYjTolIe7mNtCw9gcwKBEpjEPZugYHrNQDCh1EccGjaRrC-58a-eEYMQ3ZRx~Y86RYZeYGyPueT1zFiFaGRMWMN6yEdDwVAlrxf3AjD9BAP32cw2eiEjWXcz1Ad5-43J1i6daE00PbtXXyolOimZczN7D2zeqbjWN42eG1oobJ36IEVRFWGmZgGuq5CWj1WUrUtq8Vl8qDqBjljTI8AJ2aYk7Nr6c5zIL-gOsOrPHHkGOiBExPnr9xzO2gBVwg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196439%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CM7YHzfrfjePRUWHEHGtDt2jpCBS4TxxZhE2wV%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2C61wtef3fMW9mfeHmHYtEC5kmtYS1T33PTERYG%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=120&d=600&e=&g=3226e58fd0d164c23e4edbb7835f13d7%2F5993780862426970040&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703141209693&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.191.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-191-121.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Wed, 20 Dec 2023 08:34:37 GMT
via: 1.1 e028ce7d5e71301b0e973ef66c9bbff8.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C2
age: 79933
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: daq68BmvniShkgM1FWRbaJg7maFacwMSgoxPNXuTL7ic0muQCqXkyg==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F8DB 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAyu2Aodp0WE6mSaRmT1S63-G8_1cvREQqyiOy3e9JIeBz2UQMDpIwSBZQti4AtbtodDn1ZtPUt6vg5vwdI143K9g74pnzKvEIdbam5RQQ9GUDCHedIVqmR5YUaeqrEhMIQNb7SnAo6n1tcCi4uLLtgQXj&sai=AMfl-YRMPpqdUA5YHyscsWBHP9OsESOb1jSz3rO_rIDHX13bvK2iMUoZHxqJCNQY55KJxG9nbwCgx3pSrYW9n2ojrysr5ZX8xhKBqrQ&sig=Cg0ArKJSzHd0jxJBraQXEAE&cid=CAQSKQAvHhf_wgjazA8Et6wOzPZsBybFF4XIfVWek7E9nQAzq-feh89nw29WGAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1418711512&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703141208550&rpt=635&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9BD9 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrz-9nECQSnYcRIRjah6VoSEIwnPYT4Pex3-xEQ0C6UP0w02YPXjEZRK9lv0qSNXpomFH1yY3j2MuCqHD0HYPOI_DZe4R9ylkzmUh8vwp12H-VAzcqlQ6RbCxR67_8GU5xmIGyhpRxYv_Z9GklFsTMdQ&sig=Cg0ArKJSzEhub4mWe6zFEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703141207991&rpt=1215&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Dec 2023 06:46:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9BD9 0
0 45ms
44ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=224282422352283&bg=!xMelx4jNAAY3kmNgF5I7ADQBe5WfOO2TKD25s4SlMEVIQVDhCtf4lfg0ncuPNSguDMf8FbV76ep0FK3PPo3nkmoVgv-GAgAAAJpSAAAAAmgBB5kDS62iAfstvfZrfPsjjMeZRvjsnO9phcfzWrXa8y4YqXRl2EP52Svqln0KBKPVhmtkvtY6M82cSllc8wWQXUmy3kIy0cvuRER1MCN8iK9rKugUpOOqXGE6JoRFvYfL4KEdBj8XJBgzRX7TdiNRt3SF_SdKU3TmGzlCHWSYZBOkp7xJn6guRy60nQUkOGkHhk-Re0ZiVjlcIWtOEtdJHmyVNkMN7-nta_EnGDGdyW8EwFffTSSxDoEjA7rnhlIqo_klSJqxR9WqppP1NzJJNYdGo2RZw9SUk8L5nACb3oZ5YIwij_3djivg3WsRojv9euNsEYBoFjvDC_ddFXHpdldmVjrz531Fq1x0xRL1Dqzbrlf9CaSZ-zhZcefVlWzVPLMMQ04G9bxOglJ6AYzMcEn3B9PKJEVV-7d81T6D7vuu5JucXQ8x77ZDu3Zg4w7gN_osqFeBL0WXGCEEMJ51-iMWOoUDXa0Nlyjw4jO4BM2ovJ-SxRCfBdM47QquHTagKnjEXW9NmSnVP5XbJhsahOE5okw184pJGXiOHHOvGc-gJLfzVsClmbVeNUhCxhhUtdCvNjS2uCFr5dyIQycNtx8VchKNGxtvpabPAXjofzWKEipmFILXCt71vYRFzdj4HPFHe-A-oztQx_zADsAon8phKhvw9GRRi-EOFKcHJpeG_9C2gBU-xatywTwdVJegFIGO3TmZyH6SLq2Zd6BF7WxXhxyw0lAQEz2NBVLqnX5s0iQTqbfS-9A5FYclC6ietnQIkKkPLL0EubjmakSGDPb4MmCm6EZJ5Dodlz6Xjdz09YKtqZxOAFFopM2Q45B1T-rmhX17OSeORSh8YZI1GeCh9ABqMPgSGxWl5nSaKPTTgfWUU71GFanCXEWxiNFsO5vrnRBWnpOvrFzfKpbblKlMWXbs7NC-mayLDJLhIm41TTv6NtCP7jcgfh_UaZFeM8Sz2pbleXnki1SVI6WKy99HADuh5oRCoIDEPXqzLP0KhW9y18OSaV2pN_W00LZj7nufQ9DqMhbXTgW5qCt2sIii8fSQbyzbFVnotdzWjuMDWjGfdv-d-ABT495X43sEu-30Q3Yt3aDU7iiJTjaB0CqNj73gVUVKah1f2t1elQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ADBA 0
0 43ms
43ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3211755927192484&bg=!y8ilyIfNAAY3kmNgF5I7ADQBe5WfOAgKro3YtbKUZ6hQssH5smuKyFPaQZghgOs6YrHRpdAyc7TIB6JrZ3YcaaYXnrFjAgAAAKBSAAAAAmgBB5kDTQuOQ9lDmO__jfaYEJ3hTutHeLUOhl6uUaFWWMf0ouTHxRoAZutCUtpUbBr_GfoEWmZl5cPsC0topn71If7FIlcVa4s6epHxfUpt4-RE8c7Kzef0H7uXuIdrj84tiBcec-djp8YoFsG-PeNsUa_IlqlZULBbitYMvrdR_pNC2WQoz1p-MOaVUoXc9EQj0uSRshyBgyO-jxR6l00o2ueOfyaAnFtn2ITB0GJThM5QclZEqnFF6ZZBchugy-IUh0SkWZwmQPeKNbwyE_qhfKcKcGhg0CjM73ZYs-u7uBK-GcQxOFeEHKSUet_qyuANQwgpNz0aUEGpkdbLrCZeM8pwz5TcsRU2S7IWhLEs-DXJ-Dv2vO6jZ8kvlAQA2-4UYevy8HB0_Tvqv_z1kbZEdG5QEsmHWYOHU2bduCg2KMw3PsE1GoPE5IAs99VA0qq2PjvJmAnJJHe-pQIpKn0DcPap7VB3Fcuux4EpWsrRXtsJ7U-3iWhMeXgZ4EXdWMMCNDe9aMuwYSRGy13DT94iddSz-6JXGh-SeII1ffyXRGQVIy2oXFXvjVkXi2lL_20KH2Azpexcp8yaboxZNGp_fci05UwV7lpk0K0EuI9Vaco2ieZr0_5MCAcb86H1UZUNjHhWorYz4t4EiF4nnhxo7wzjyzukxwDEbeJxFhD-Zbic8qnrUabFNiG_OYOvslBpDgUtShQNVfhV2d5k6kOxL2WsDkjv5hYs_l7HsrQBnbFioeMo0nhwEMyCvupGT8W7XCpQ4BA8iM63hzwxPXr3Jy6ESJnK4DrFp0jjofiJBqYtZhHN9rZPpSKv9FsTquN2MNu7sAR5AWyExNDX5kW6aLQvTtoWtSiRwQgJ8h8YC-OCN2iZUEAAiLpOLKDjAwHtgFBswWltmE7_LONZmIdOwYmldPUJiya3qtgV4eKHuEZzO3-P-ASHDmsGmmHUSu2EVfYH4oqnEQ_gsja7zxQvH79xeSZePR9xwbfGbXFIqd-83TOlWJMjJeh28LlOpzOTbCIa0mF81oewfxohilclT0qMDtPQCfYZHU3VgC5t8ehzUNMquFzKQxzewH05mSK2jcQApbnuYpYQ-NuyTHSF5vWPlbm0y3EyhM6-qqqfPKam
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B876 0
0 45ms
45ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2764356450645395&bg=!d3SldDvNAAY3kmNgF5I7ADQBe5WfOK3fbssGDYs4sStAqnU0tzKnMyhWUiMLSeuP2B50A3vZEpzAtE2In9wc3VhVje6VAgAAAJdSAAAAAmgBB5kDLAW7lRqjyymYdpN1WR1O9G4l-HwuuUqqGrUUhAOV8Sk3bl0AfJHFWZRQcNVYbqNp7uhn8fPPjdXIzJwjwNX7pbY8q1f8pkp7_aQ7vkverURj8xkaCN7EOZEruAYgptR9O0oGD_PZI5XRokh_RgZfkHfQ8TVsnACk87yC9u-Pj8G-LIa-5EM7_b_n_dhYV3ffLWJd6GT3FMp4IsCNv2G6COG-WqOLDjGgu2O9DWPiOhjdKXwcIWKB1mtgQ190svqvN8ZdnRrPGoG_AMegdlYwBXIe180yXTP9m-G5WxSfIKqfXzdN30jPRj1-zjdrQonOaaVOButw2csjtHBUPShZn274eBMEuVB5jNnw_TZjz7mis8nGZ7npFc49VoBOAfhvF5x0-FOX0DUYMmliZ7m7BfgbcKpHCtoVkjSKzR9b2bOKkESR5VrQzYEErCaL-YTskvxBovP4Wtq0v2myLN3y6NG8tkUQuCR9n55W-f8QTpBRGAEOj4qgGfh76LkL9LXyMVs749qZJqtXY8EfU2GbzOD6svKZKt3hdouawVbAficYyGvh1KPn3DzakrNdQQPkjrq7JpXziZfeBOQ2ZhH-ufRabEdm4KRK7CMfEY5mO2vSjhzE7Fa2NY-bdXbA_Gt9xmNGJlhnE3uGGB85W3O5NqPF4ynVst_wtDfl-9xVElaGirvd4ElVPW9WDElEMvf0-yYMFsqjaWiaU2W0R-RdTErloT-FjF8vSImJ5QJDw4s9Z6WVOCgD0rfGPvxreX--3GyV9KCdi7SVisxuyoH5jwmrqXuz0lyt189WS_XRTPAiLq-TY1B1J9X9fJ_Fvm6cM9Rq_wQSrh3sDAk8LLVxL3r3-KNLQoM-mQ4rtJhHVS48pRVw8UuLSQOc3qlU-TO-UPNyu-uuHuCNgJ8reDkvdrOm_OGGNL2w3It4znnFYfVOPA0PE4d-mEmPGqaP2wyCU1cOcFXfbm5SOe5g7fKqgMAz4sfWhjZmAe7qDlzWeN9GeiHqvPiTLBbR4D13N0mlDmrpBjcLAyi1VbIjvezUhEbPykOZVmcKw4yRs59zC6L5-PLrk5SZ3eOGlIb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A14 0
0 44ms
44ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4409605273235972&bg=!n5ylnNPNAAY3kmNgF5I7ADQBe5WfOPtK5R45U36GqgxnkbBiV7tdI1PDw7iC7HGMS7ALPfHAZ_XcD1qn00JMZgErDC8pAgAAAF9SAAAAAmgBB5kDQPRVX2pPQU1APfVxHRPHX3hQY8L5O6NZTMZvSc2lIZCNZHg-Y0jLgpdqg5IN1RpDaMVleg5Ma4UgOyqPxgBb844ZMtowLaV-gdbU8Ap97P8pGt_uc_QFYQpm5Zn7IVg-Fo3y1jkFEZXVtyJATdf7PBaL8HmeWMOrJPdq1ujyi7j0HadpZKD_N2jSIIyYHfJ3ZpmTPQOBzJ-uhUpVwzVYp0uMBjC4P0y6eVjeKYVIDmzO5FnJjlBHl_QfPM3rlEfFNjYoNHhS2wUwLiW2sgpZVgqXKcVRbOsyacNGkdzLpZIFgc5gycA0LmBIiWjrkefEVz7Tj_1Zyn2r20ZsVZPOuL_fI1nkfQVCOCeRafPJD_SoVTwr7tIWn74wLZyyB8HYHMiBlS23UR64VydE84062mm5lTo4YBlAX-0Qmq7rXaTuZVWztzz4gioOjUgB8PNLfiOgfX4sam1ylp_xExX5mzK-wULT4FwEujTOtPDKV6dTKhLoLDEyF3LfqsogsalkCM3cMeapB70c9Fa8h0LNc3B2i0nIe_TAJ-xBJvp-awymk6Jr_S4PNeyba1YB8obKnppjCWsJ1a_fd2yzwHiIq5aeNu8-dg_ehrravB13gwqPckZaxtFuTRDTSbF0B7c5764_0k1CjuYyvxMHAWgT9oE8KjRFsgGQJM86qzCUrZ65UHsqH2xkJOm7ZBj2a0hC1Xur-_1S9Os6brZ6TP0TpUdID1VepqwXL1FvfGAe2ZKqbFZaggi1ZwnlQ5owAeoGX0OkPBo961x0uk7Ai9FCtbNHi2tmxAlfoNnrih2jkrNC15tU80AGnaEqy0S5zm7cvQzML58rHOVpaWzIDh0qJ7w05Ve-OECesR2eD60zyr71af_f78FLbgVEcs01cZR0zkWMgvVCbroH49QCRpI3jfjFfojp6VJHZLMBJXlM3xJP0feq0Fd3wP40cEzpmKZCRbuhYK_lky0kFk2Ipy4d2e76c3w1w5qO5At_E7uF0hUfmlSUOJL0G1Ythz_T_R-wH_fUNjpzbTu-AZnjEVcD-fq0Cb8QvSLUQ2JxHtscvykvYBOQVVl_4bY8eRcRf1FWcPXdZdgCIcikJ-0tjv0h-kc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7DAF 0
0 45ms
44ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3853718522373933&bg=!DA-lD0DNAAY3kmNgF5I7ADQBe5WfOC8maaqF4m5LDMOEq1g9kmFCU-huNnLRpCQRJYnD4-fufer4xCeR8mdAFmx2ACTVAgAAADVSAAAAAWgBB5kDNwOifzSen-Zd_wpUbN7EkdYB22sZiP4W_S2unsXkNVYASxNJN-9JT8dzgtv4WNxwLCWVHYLc1Rk6GzvH4x65RZ92fKRuBvR7qd6U7J6NKo6N1yv-ownUOMQbxr2CUrnU6LMpSAgqwr1RJKB8g9PpncHlAv4rQelGgTzVTLzsV1y4T9pfEDG1g5lkzyt3LJ-qwEhDPXtt2vK0poj4zGgFvyoRfCuH8corxKXOkpgTZgR_BnD5iQMeYdo9OAwx54IyQMwP6Fp3J83v_jEK0tJ9gR8utuSc5kQVWbSD_meUKoDTfe8V_8CvzBb0oBU8j8heCZ0_tyaEGCE6hIixXo2CtFqg3J_RXgx6tSVdpo5Tbtld7UkPikTZfPh_UPH3B0_TbXXV6PotR3i-NByz7ba8TM6lui3q44oYAid-IVVVfur4Em2sayzgkrD89hIRYiGf0p3AeF2rzrTPCffCCN2CIpQUaDgYf35aBfRRJvo8s2F9U014uAti6T3e2_5u40UsGWseESDMYJt-FMqxY-8kFBIqJi4qkcqdFp8SI6J1eyhqGTI5pCZYm-W-ua_INWI_jmlNoVlLo1qcrn5Ggmr6n-mZMx0ofvU08D3ujYWkXrpWlPm_UjbE4qA_C7u0KhW7nfFs41mA4TztNuKpjkkGuswSRtTEwwhwKjtsASvYw-MjugfloS15QylvQmj6mOloKCPEFta8KD6FAVotgP2e9rmHYIiFrOffVaoVzsIUf3h4RVid23vJYWvm9-ZxxsaUpfGdjrfDSSU1K-gqEpiKi8nJi_HJk-rZ2Xj5w8o7RCNTwg9xXt0z1Jf6CQvU6SSz0fCiMGs-j165gvF1WptLa4C8P2SxW1ZCGvhxxjWmVA8NtzVHaoUUwFED48SOYuy2_ngFm9O8mTYtoaoCs0XaYgTaGcaeIj-CWPjt2y7ZwdPhBSJ-bTxTEJR9YSvDgt1NI0YVhIgleOJwJ3GG49a7GyuIhIuR4FwKjoFyrGKtPCRueIsPtm8sLVGbIscqWWMuyD9i4QjkQGf5yd92mnn4vaWIOdRdbwuSo-wcPMxP7REuWc5Ag-0gla-Q3drQa4ivchDCREpXIKI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame E830 16 B
209 B 68ms
68ms Fetch
application/json 35.177.175.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.175.102 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-175-102.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Dec 2023 06:46:50 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 85ms
19ms Preflight 35.177.175.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.175.102 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-175-102.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 21 Dec 2023 06:46:50 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8F7C 16 B
209 B 62ms
62ms Fetch
application/json 35.177.175.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.177.175.102 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-177-175-102.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Dec 2023 06:46:50 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 78ms
18ms Preflight 35.177.175.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.175.102 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-175-102.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 21 Dec 2023 06:46:50 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:48:53	Name: userId Value: K3ZCuDlV5iUY6IVPpyqjQNUZixKDkNmd
.xgcartoon.com/	1970-01-21 01:51:17	Name: _ga Value: amp-kGEOsD9Hc3wpXXK9PzBGsA
.statcounter.com/	1970-01-21 02:41:41	Name: is_unique Value: sc12916097.1703141206.0
.statcounter.com/	1970-01-21 02:41:41	Name: is_visitor_unique Value: 1703141206163763224
.doubleclick.net/	1970-01-21 02:27:17	Name: IDE Value: AHWqTUmaMNBr8SKVBPQCvfLcWxxL4e0aFSE4wjBtrtc1pd5w0TE7CJOYlkZ_Lgr2VA4
.travelaudience.com/	1970-01-21 02:37:22	Name: _tracker Value: %7B%22UUID%22%3A%220380E47E-5148-495C-3B7F-D7D44F0C3E5F%22%7D
.csync.loopme.me/	1970-01-20 19:16:43	Name: viewer_token Value: 35bb907b-32e3-4a04-8de3-cdb8f88d5bb3
.adnxs.com/	1970-01-20 19:15:17	Name: uuid2 Value: 9110684057710845943
.adnxs.com/	1970-01-20 19:15:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVPs'=X'!]tbPl1M>e)ZlrFUfJ+tGXxp)^B<W:Iol:>XVmkwIHeqZEw>2W^NEH5wK4'5bpRzqF1`b`7H/$]k
.casalemedia.com/	1970-01-20 19:15:17	Name: CMPS Value: 2201
.3lift.com/	1970-01-20 19:15:17	Name: tluid Value: 1423919730102390396341
.w55c.net/	1970-01-21 02:37:22	Name: wfivefivec Value: PbRX2wgH1RgcPv5
m.exactag.com/	1970-01-20 19:15:17	Name: exactag_new_gk Value: f14d1f2004d3403f8a298e33383cbca4%7C19.02.2024%2006%3A46%3A49
m.exactag.com/	1970-01-20 21:24:53	Name: exactag_new_uk Value: 9698a2d91066442ab4f70a318e6a6cb1%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 0736a1c63a5f4de9b00c66ef
.casalemedia.com/	1970-01-21 01:51:17	Name: CMID Value: ZYPfWSHpnNLfpWuV.LZDnQAA
.casalemedia.com/	1970-01-20 19:15:17	Name: CMPRO Value: 2201
.w55c.net/	1970-01-20 17:48:53	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-21 01:51:17	Name: everest_g_v2 Value: g_surferid~ZYPfWQAIhEKWDwBU
.quantserve.com/	1970-01-20 19:15:17	Name: d Value: EGkBCQHbKoEA
.quantserve.com/	1970-01-21 02:35:55	Name: mc Value: 6583df59-3bc4b-bc377-ab582
.adform.net/	1970-01-20 17:50:19	Name: C Value: 1
ads.travelaudience.com/	1970-01-21 02:37:22	Name: _tracker Value: %7B%22UUID%22%3A%220380E47E-5148-495C-3B7F-D7D44F0C3E5F%22%7D
.adform.net/	1970-01-20 18:32:05	Name: uid Value: 2574530856336157750
.lijit.com/	1970-01-21 01:51:17	Name: ljt_reader Value: H21WpGZHRJwVYKItSQOQ-hZK
.1rx.io/	1970-01-21 01:51:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f469cf96-bcfb-4c37-82d8-aaaee8bc7a46-003%22%7D
.turn.com/	1970-01-20 21:24:53	Name: uid Value: 2883877609603998546
.awin1.com/	1970-01-20 17:08:34	Name: awpv14702 Value: 412871\|1703141209\|b7802f00-9fcc-11ee-a9f2-22382f104756
.targeting.unrulymedia.com/	1970-01-21 01:51:17	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f469cf96-bcfb-4c37-82d8-aaaee8bc7a46-003%22%7D
.awin1.com/	1970-01-20 17:08:34	Name: awpv20044 Value: 412871\|1703141209\|b78426a0-9fcc-11ee-bd07-2236e1f32b64
.doubleclick.net/	1970-01-20 21:24:53	Name: APC Value: AfxxVi6AEol1XJ7IRWcWiKDRHWlfuM-72c8yz8qshNUWn1qUNmHVrg
.awin1.com/	1970-01-20 17:10:00	Name: awpv11354 Value: 412871\|1703141209\|b794a160-9fcc-11ee-8661-22610dd0df18
.simptrack.com/	1970-01-20 19:15:17	Name: ntm_tps__4011 Value: NNDNwbS6GRejC0cY22RhZsmNw2MaAZ_2KsFvW0oLzLhRFB7QrqnuV-qhjROV8O68MxJvR6F0rvuMYatKk7GC8Hr82ZI7hHZ9ynP7G39-24-UhnRuxqefx2koeG1IXUTWDl_YNfb7hXscIEGM7-kv88sZUBCvQE3CZEvfPaXKHkUqB8GVtb-571W-foHGyIcI-rS3h5qIJD5PnakMN1IXJDGUZyUe3nF2P__523Cr4tfoEUsKvdzj6Q2Ro0dU0wl5R0FFP2RFi0LqGyVlgFH83TlNZQ7HjB2TNNNNNNNNNVf4U
.simptrack.com/	1970-01-20 19:15:17	Name: ntm_tps__5920 Value: ..NNNRD6qaezfzoN-QtOVRu7KzNl_I30_wvcby3vINknDc-AOkhOeRnFcw3s1aihArkRiauWsCJbSbpoMZt9fzi9zrNyQ_JyOZ2DBxjMDxocpYCmyE1dnu2f4QOlYUeeZvrsTfpPPvVnGJoq2v4AyieUWhQj4aUX15M8grCRaTZLuica0QOwx7Tb2lnU2akLXKoiTH3XI3rZeA2hCbufai7FJ46YMzOxf3k7HHpXATBM_M41xIPTjHvgm8ZXBlFEnZ1mbpMeqrEsUIIv_OXAfbsXTCL34UOCnHz8i16Lxw-HXCEmjZy05ELfaMMvqxMi3ybmZrBwWdrEyBZiBR_pnCse39cd9Km4oQ0m34QcjKg2nXRoa6d5oDLWEVAJDzBSh-frqFwy7Gf0_TFOZP_HKCJYNNNNNNNNNVf4U
.simptrack.com/	1970-01-20 19:15:17	Name: v0rur7gqspb3_uid Value: 97b16e3094fd2b3e
www.conrad.de/	1970-01-20 17:10:00	Name: HTLP_timestamp Value: 1703141209789
www.conrad.de/	1970-01-20 17:10:00	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 17:05:43	Name: __cf_bm Value: kr1f07_NS5BffJr5CCNdG7WBjN2YgA0VlRc8qbnZ3Lg-1703141209-1-AVWBZC24xPTBz7Xae50WeDrCf21i6jRHIqf1tB5gTa2XJ6f+rtrLsdSSJy7YnUPY9hHk7tmMRaItvDVu5beSD6o=
.o2online.de/	1970-01-20 17:15:46	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMzE0MTIwOXZsZWExZGUyMDIzMTIyMTA3NDY0OTkxNDg4MzY3NzE1WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWQxUVl0YmZLZlh6WHM5SGRIOXRBdDIycmgyU0tUR0c4U3g3WFFvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMjAyMTE
.o2online.de/	1970-01-20 17:15:46	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 17:15:46	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023122107464991488367715X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMzE0MTIwOXZsZWExZGUyMDIzMTIyMTA3NDY0OTkxNDg4MzY3NzE1WDEyMDIxMVYxMjI2MTMyNzAyT
.awin1.com/	1970-01-20 17:15:46	Name: awpv11938 Value: 412871\|1703141209\|b7b521b0-9fcc-11ee-9488-2234841a3abe
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 17:15:49	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1703141209_b7b521b0-9fcc-11ee-9488-2234841a3abe%22%2C%22sp%22%3A%22awin%22%7D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kwpvpxpd7gvxvnbawrsd8z3xrcjxcw817jgvmqfy0wkeby77pygkaeprkmjc6nfaj16eh5k3ynpw7915mdbd5jb9r4ep33fcs42ft1h3c0rczsd88ddy85qd83hp0wfx6jjavx1k80nqwk5nneddgez0c30751s6qqweznczc3dmh8r6853kxq9cg127b68qy70k25k7m1kz3vhvyhrdd6y9myed2c9frh1td7cpt2s8rjzj60wvmzybdsw9xtyngd0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1khzmcrpwn2as9d8mamhypsznt10xx01mxsgtzxww7y7d8m7m8hsn32h11sqjxr9m64qxqy5s2hdqangym0k5tsq4mvnkz827czbv4a5zzxa0rpkqhw8m2w441pcezm7h2vhqy6hpvsek14m31p99rpxswmqtd2nfzv6r8kbs1ns6vp3q78fnhnfcxawyn5jtrw82tg1qh6ct8qkwwnh7af11sav3y2mrx4c4h67d8vcpqs94w7qcxhpasydheh0swfwe5w8fxzfy4pa0qmx6bjv%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCO7sSWN-DZYKnOZbvsgf3varACpDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAujw45njXLI-qAMByAMCqgTQAU_QL5zorZeNcsPxh9fJTlYRHEozvvaTPXCZ5cgPYd-70MnYumWc21rIVOqwrBMIEbl30NvMFvje0E3jCvRLQdT9g2FCVT6iuth5tYn8-MEWiB0MUn0IMf8MYPEaw5UMmgCOmyhM3umN1WycDwMUo9i9blxuVA6lqP7cfdY5HrXe9aP4bNejXrtnmMJcKxtF58FWqSR4ED6UWCffsvwVZ2i8ELBS5SzP3M-bHLxtIQRq4E73kJ9feztn1MbL8tbi7GLPonbZZnycGK5GKlxpX9-ABu_a47fWucW3daAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOli4gIe295-DA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3_JXcTwlnbwpUX7EJ9yAcBvwHEeQ%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

61f00ba2fed86def727eef3b7277562b.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.travelaudience.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.statcounter.com
c1.adform.net
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
eb2.3lift.com
googleads.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
m.exactag.com
match.360yield.com
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pixel-sync.sitescout.com
pm.w55c.net
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
region1.google-analytics.com
s.ad.smaato.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-a.xgcartoon.com
static-de.ad4mat.net
sync-tm.everesttech.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tm.simptrack.com
tpc.googlesyndication.com
track.webgains.com
us-u.openx.net
www.awin1.com
www.conrad.de
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.xgcartoon.com
x.bidswitch.net
104.20.95.138
104.75.89.75
13.248.245.213
144.76.159.126
151.101.194.49
167.233.13.224
169.150.222.217
172.217.16.134
172.64.151.101
178.250.1.9
178.32.210.230
198.47.127.19
2001:4860:4802:34::36
213.202.235.8
216.52.2.91
216.58.206.34
2600:1901:0:76b9::
2600:9000:2453:ae00:1b:5138:8a40:93a1
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700:20::ac43:47bf
2606:4700::6810:c0cb
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:809::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2006
2a02:fa8:8806:16::1370
3.9.151.155
35.156.190.4
35.177.175.102
35.190.0.66
35.214.218.94
35.244.159.8
37.157.5.132
37.252.171.53
46.228.164.11
46.228.174.117
51.89.9.251
52.222.191.121
52.48.74.137
52.58.114.78
52.85.92.55
84.200.5.215
87.118.116.9
91.121.248.44
92.123.148.9
98.98.134.241
05f18d7deb515f03df5a908dd7f5cca70dc22807643ead22e1d8a351d882da4e
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc4300a9fffaf77f0abe572bc905ccd085437d5f6511057f2078caecace10ed
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0ed423cb6a28678f3ba7777396579f0055554797beaff42bfa1da78e2d049650
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
13ca7f8ca7e3e8534d9e9e2f3edcd3170ca882e1295ff9940e443b7648a2efb1
162130d3448f12a15730a0ff8ac91f75b69f7ac115770b1aa31330d1cf33264e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e0e42f83d42a3953cdbdeccb1bb4e0b54a8d55bc72fa39ad586efbfad7764fa
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1f244a67ea33b20fd32f485650e80138dd647b02fc7755f3cd2616860c9271b7
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
274092432a2d58df5ad52ba6b516d96166bada65843299fdca4b8dd6db1d9e89
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2c105909f98456ad56f1f95391eb57cf6e64d8060d67485d166a0256ae621f95
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3054c8545e93da11f2f9c22b6893e8b1abfd05849b321456b04d67cb010f98ab
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35a1daa37454a8e44959a9fd08fc0f7f73fdaea2415af1116ca1ea4f05826646
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3b8fd957271a7089ccbf728bf63e93fd5de3d78b076ad856a91bed46b09d5abf
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
3e2db64c7527b5dcfe99dc3876bde8b9d6e85241d973ece281297285c6b995f6
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
4292a19f65f9b0b138441b47765ce31079492df29bff370a588027566628d8e1
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
44a50c698138148313b119150ca6eb07948336ebbda7d9a64a8403e192772706
4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48996e74bebf44867bdf2ad3fc3a2fd7a9f7f7b9317e6a652f8e6191cfef90e8
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2fc38627219c74a3bc13ec4a9cfd6b07517ce347434cda64d7ae142aa85768
504f5dc36de3bba75ea14969441333fd790f95ccbe20da3fb26c60bc52c75b3c
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d388aa85d66b258516ed0f6a496408da452ec3ad9af691b42707df480af8d9
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5de7bf572ade3048f8668bd24935731e84aae70020bef8a6e223e95ae3e3ec96
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5f7d32ce355726ba5972fc40b122bc2aef527aac97f6e739857c0a5660046e4a
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
6131dc1f5f4917d39d60cc5a0acdf6cc86983144801036d6a6dfde7e265a1b00
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
69befbbd7edbbc48fba41233380d2227f6172f482a1199954aa54780ea37b208
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6e44e8a9cf91c3d915be31bc1d006e1df1cd438c981b592f966c059739694ad2
713e8d4375e4b41575b7e5f3b5ac9efab58258b34e77091247fee7da189c1ef1
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7f8a1c2074dce48c62d8c2da4df014c0784f22797150f693b5d5fe37772e7614
8013407130f3d1c34679b5d4a3ca7d56ce95e0a656d501bf0920e8bd8732b6a3
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
827b681b94bf2cfceec96e66d640306f3777beae04d28acdb97d80c83f03453d
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
83d520f8993b0bad11f50123f21084783cfb2da00ee872b42bd475f91291087c
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8a266e4db9933d32c7069e181c13507a6baf6c69981ed67e6bfbd8de26f603a4
8af31df5e0185c8210ea1ea3d6adba4902eee75f92b57cfd4b8aff1061ab581f
8b9e64afb7fb15e604c6b4822a72a933073e8ad51479872ebe77152a6b413c14
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883
8c3ebe6c01127f757dcdf849f6d815c373c69aa4ad8900b42e8e6924d43b447f
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
95f9669f86fe28fac80e3a754575893953ce4880b37490c44fb603257ccfd95b
97c1b5fb5a01fa52b1063fccf1cbf7dd91a6749cafec6407f04ffd7824295d30
9803714dfd9b56be5037e4cf66cb087f8ad9041a8a3d134a2272fcef57e873ee
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a6210315aa01f9c72b1af3dc677061ea0c28081d861251e65b7d318a41cbbab1
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
ac79466527bbddc1f62ebc9439506bf48c8c6f19cfbb8e2bb71541c45e0e032d
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34b46043cd31ffccf48197da9e9d48d9b64b53bb9d0979659d1969ae27b9e30
b3f01c5dc869fa2d50bcd89cd56d0a583ad9efe1ab3d4fd770b72e2f91a85be7
b3f74aead944972d91365bcdbc06ed9fb304a4f648c87d608f48ae6931140212
b939749db948eaea84109ee57894dd3ed57f7118e239e341c202d97ca58afd45
ba7be9e0508d94cc1b2a37d900b3f40b9043b85772060ca5123d8ae69ea3c661
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
bd8a8ddcbb2f3273c1c055c1dec46bebd1cbc3c062ffce9749a5c14d15ad21f6
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c1b43ffe1a70012949f2b15f16605cb84176e01d10617fc3f2a7449ca5bf8166
c3654fdc8bbe4f55644ae047081eda8ce9e5532dedfb86df23519fb6e7b5419e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb39cececc3386d8637d37d17148f5c932709a977429d2fd361500897ffb4cca
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d27132ef28c04d5cea0fb140fd574c18ccd4d7dfb02a2621bcb8b356fb6617d9
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d83765df9c0a17c075f398cecee0a3498629b3bd4550ba214d60f1f630834fa9
d8be15ab8b5dc320b0b20139ff9c8c7bc03c81c4932162add14acaccc9409e3e
dc0bdf644670b96e7be39e875374c3a5303f904205e2109800d3e8f5c7c2b2ba
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
de6f3845be49878afb5314dd5297e48423a4e952b0ad7fc367627de0338d49d7
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d83495e1ff638b52407ed3152bdfb99cd837e6fd744e9943f46056c5e53d94
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e702e0c66a3d934ffabf0136769bf8734e339e799e07f68820c982ca7139326e
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eebae9fff2a10d5c5be121a6196e5c6885f5908ff98533ed828d8e3a0cf57950
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f38449a37277d3230824794b2441f2dbb38afbf1a756e4d00fb277f839f7113a
f5eeecac9281d5b283f2f7a89636fa7caf5b78a0ca5fe7c3e00df80e7f867340
f69ebf9ca7ae850e32198a052f55963edf2902c4c59db49df9bfa7a00e1cbca3
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fe2841f32d2fb0e3c1cb4b1517e5be596ceff8cfcdaedd446c0e7822fda9e102

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

306 Requests

91 %HTTPS

35 %IPv6

47 Domains

60 Subdomains

46 IPs

10 Countries

4136 kBTransfer

10496 kBSize

44 Cookies

1 Outgoing links

Redirected requests

306 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

306
Requests

91 %
HTTPS

35 %
IPv6

47
Domains

60
Subdomains

46
IPs

10
Countries

4136 kB
Transfer

10496 kB
Size

44
Cookies

306 HTTP transactions
14 data transactions