www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Submission: On December 22 via manual (December 22nd 2023, 6:11:55 am UTC) from US — Scanned from CH

Summary HTTP 206 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 9 countries across 29 domains to perform 206 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.95.138 104.20.95.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::681a:2f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
26	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
48	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	213.227.153.223 213.227.153.223	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	213.227.153.222 213.227.153.222	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
6	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
6 22	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	217.79.188.11 217.79.188.11	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.46 217.79.188.46	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 4	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2 2	38.68.201.140 38.68.201.140	174 (COGENT-174) (COGENT-174)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	81.17.55.171 81.17.55.171	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 4	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	217.79.188.21 217.79.188.21	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 2	50.31.142.31 50.31.142.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	20.123.110.224 20.123.110.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
206	31

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:2f3 (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.222 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.181.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.46 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad4.adfarm1.adition.com

ad4.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.101 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.68.201.140 (Ashburn, United States) 2 redirects

ASN174 (COGENT-174, US)

aep.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.171 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.89.75 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.21 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com

ad2.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.31 (Chicago, United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.123.110.224 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.temu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	googlesyndication.com a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	1 MB
48	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139	158 KB
30	adition.com imagesrv.adition.com — Cisco Umbrella Rank: 17335 ad4.adfarm1.adition.com — Cisco Umbrella Rank: 65170 ad2.adfarm1.adition.com — Cisco Umbrella Rank: 54473	114 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	251 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com	488 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	451 KB
6	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	5 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
6	zemanta.com 2 redirects b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 25865 b1-eudc1.zemanta.com — Cisco Umbrella Rank: 27582 b1sync.zemanta.com — Cisco Umbrella Rank: 586	2 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	1 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 491	1 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 793	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 546	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	mxptint.net 2 redirects aep.mxptint.net — Cisco Umbrella Rank: 4966	1 KB
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2138	15 KB
1	temu.com 1 redirects www.temu.com — Cisco Umbrella Rank: 8551	556 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	441 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	22 KB
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	407 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	573 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	90 KB
1	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 3815	9 KB
1	cheqzone.com obs.cheqzone.com — Cisco Umbrella Rank: 10209	3 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 10182	469 B
206	29

	Domain	Requested by
48	pagead2.googlesyndication.com	a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
26	imagesrv.adition.com	googleads.g.doubleclick.net ad4.adfarm1.adition.com www.xgcartoon.com imagesrv.adition.com
26	tpc.googlesyndication.com	a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
22	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
14	securepubads.g.doubleclick.net	cdn.ampproject.org a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com www.googletagservices.com
12	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	www.googletagservices.com	a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
6	a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com	cdn.ampproject.org
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	b1t-eudc1.zemanta.com	a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com widgets.outbrain.com
2	b1sync.zemanta.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	ad2.adfarm1.adition.com	ad4.adfarm1.adition.com ad2.adfarm1.adition.com
2	secure.adnxs.com	2 redirects
2	sync.1rx.io	2 redirects
2	c1.adform.net	2 redirects
2	aep.mxptint.net	2 redirects
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	ad4.adfarm1.adition.com	googleads.g.doubleclick.net ad4.adfarm1.adition.com
2	widgets.outbrain.com	a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
1	www.temu.com	1 redirects
1	onetag-sys.com	1 redirects
1	cdnjs.cloudflare.com	imagesrv.adition.com
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	ssbsync.smartadserver.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	b1-eudc1.zemanta.com
1	zem.outbrainimg.com	a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
1	obs.cheqzone.com	a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
206	41

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
*.cheqzone.com ZeroSSL ECC Domain Secure Site CA	`2023-11-25` - `2024-02-23`	3 months	crt.sh
*.outbrainimg.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Frame ID: 4756C6EE350D6095476BDCB590EBF18A
Requests: 38 HTTP requests in this frame

Frame: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: A1F1AC9D408FC978662D7784018B7475
Requests: 15 HTTP requests in this frame

Frame: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 26BBDA326BFB2C544F0721C9F889F36D
Requests: 11 HTTP requests in this frame

Frame: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 5EC127C274BFEEBF26E68CBFFFE4E67A
Requests: 11 HTTP requests in this frame

Frame: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 5BB0FA74C9D520A0FD2C3B312A9CC22E
Requests: 11 HTTP requests in this frame

Frame: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 516A807809649D9F5C8E745F1AB005C8
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 6F665306D179163510D4CCEB0AAFE006
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046731&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225511993&bpp=149&bdt=161&idt=321&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=615627005&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C95320884&oid=2&pvsid=2759465444458337&tmod=1890942017&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.to3zajitb4iq&fsb=1&dtd=327
Frame ID: DB4427CB867B47C0B82404AE15CAD824
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046729&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512068&bpp=114&bdt=234&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C44795921%2C44807406%2C95320869%2C95320885&oid=2&pvsid=3062246611165342&tmod=1851608902&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ukscmkyi8lh3&fsb=1&dtd=377
Frame ID: 73D12AA620B71D716D3F6C2428E9463D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512080&bpp=182&bdt=247&idt=414&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320884&oid=2&pvsid=3610774700537060&tmod=1537661235&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ag043tua9fw1&fsb=1&dtd=417
Frame ID: F6523E5273E67262BAD659EA2A1A07CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512025&bpp=196&bdt=190&idt=500&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=615561056&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44795554%2C95320884&oid=2&pvsid=3442845709498204&tmod=1783946257&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ufmhj1qss2vq&fsb=1&dtd=504
Frame ID: E025A894B8FE8D82936224FDCDFCD6CE
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 73F5C11255444C15FCBE7A37A2F5C6FA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 948C78317B7199E1031CC59D803295BD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYiNqO-QEwAQ&v=APEucNVTNvgvZ1NrKC9zqFhvdZR7l190LfjmWItz1RmFtnnAFXTCyDXWhgf0r5oPVxN_Vgv5H-IkGRJDd6gink9jK8byxSF4vA
Frame ID: BCC049B1115EBA21C5788699126D5C48
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 811F62D05D29D8317E9ECDB6A65B3A62
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 30C7ADA0447169FA580CC6051A674F37
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBjW3oOCAjAB&v=APEucNW9i8ckzhqxCc8X_RshCd0vv7GodR0bkCclOwNsZdWB08YifgyD-Q7z94a13cSrGdnRyj405BtlgrZrUl3qXDQhL5FuvQ
Frame ID: 87DA61865A6381A46DD06E63ED7B0F72
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8FFBC1A10F9770352A2CE8C681B180E2
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A3E4BBCB2825C0D22AEBEDCCE339828
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4593901F89D1D44DC495D57236684706
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1D50D08E46F052AC010D5CE813B4CB28
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B24F58208272A84BBBE58E80486179A9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A305EB3BBD0DF51D8AC01A08F2DC0D80
Requests: 3 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 0151154B4447506C414772A65B78BE59
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DD996E81C6A7EB619A08BE3E22EC9A3C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0626B08ED21A0E9719CFBEFF503F2085
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38AEA4510010B05515EEF84BA6740B36
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍲戰國千年動態漫免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

206
Requests

91 %
HTTPS

33 %
IPv6

29
Domains

41
Subdomains

31
IPs

9
Countries

2782 kB
Transfer

6953 kB
Size

27
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAdCVnkTLn2T7mnyltMpg&google_cver=1

Request Chain 108

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYUoqRBdT.1sB-VDBam2PwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAdCVnkTLn2T7mnyltMpg&google_cver=1&google_hm=2

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHjZCKAsWQhuJjL4KanwmjY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHjZCKAsWQhuJjL4KanwmjY%26google_cver%3D1

Request Chain 125

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwNTg3MTMxMjAzMzQ3MTg4Ng%3D%3D

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIBK57CRoW9_v_4ybAqqe_c&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIBK57CRoW9_v_4ybAqqe_c&google_cver=1

Request Chain 127

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwOWUyODQtNjJkNy0yNzM4LWY4ZTctNTM2YTU3Y2FiZDE4

Request Chain 140

https://aep.mxptint.net/sn.ashx?google_gid=CAESEH9eJ9yag8xzOnLrb8cv2g8&google_cver=1&google_push=AXcoOmQvr13eaU33-gVQFHsjaN4AeX_G1fCqpxlEuJ1lcou_3-4evAc8yqXf062JIv43uz76MRAX1uzNByu2J731dGAh4BnNglo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQvr13eaU33-gVQFHsjaN4AeX_G1fCqpxlEuJ1lcou_3-4evAc8yqXf062JIv43uz76MRAX1uzNByu2J731dGAh4BnNglo&google_hm=UjM1Q0E5XzEwRTEzREJGOV9DMERGMUVFQg%3D%3D

Request Chain 142

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOQ-gTWLB_xGKL64IA1-fUw&google_cver=1&google_push=AXcoOmT1EIiIwVkXPQkAOmyxXSsmx0L-fmp6Ettr66g9GtsZ2dqGjz0a1LmGfgpdH8vQ-K6bKrvjITM8LJ3mgS4b_8F29pE0SIo HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOQ-gTWLB_xGKL64IA1-fUw&google_cver=1&google_push=AXcoOmT1EIiIwVkXPQkAOmyxXSsmx0L-fmp6Ettr66g9GtsZ2dqGjz0a1LmGfgpdH8vQ-K6bKrvjITM8LJ3mgS4b_8F29pE0SIo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3NjQwNTUyODUzMzEyMDQzMA&google_push=AXcoOmT1EIiIwVkXPQkAOmyxXSsmx0L-fmp6Ettr66g9GtsZ2dqGjz0a1LmGfgpdH8vQ-K6bKrvjITM8LJ3mgS4b_8F29pE0SIo

Request Chain 143

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEksIGoDqhQrmx70A_AsLfQ&google_cver=1&google_push=AXcoOmRzW8qQp5O7Zy7r4vQn5PHwB83tSVfETN-YwPq1iEFgxQ4aZQ98zz5Ow034ZCqhiR5FydIwgy37R7XKHLtMeqyauoanFeg HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRzW8qQp5O7Zy7r4vQn5PHwB83tSVfETN-YwPq1iEFgxQ4aZQ98zz5Ow034ZCqhiR5FydIwgy37R7XKHLtMeqyauoanFeg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1703225513412 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3537fe66-98de-46db-890f-c33adb885f0e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRzW8qQp5O7Zy7r4vQn5PHwB83tSVfETN-YwPq1iEFgxQ4aZQ98zz5Ow034ZCqhiR5FydIwgy37R7XKHLtMeqyauoanFeg%26google_hm%3DAzU3_maY3kbbiQ_DOtuIXw4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRzW8qQp5O7Zy7r4vQn5PHwB83tSVfETN-YwPq1iEFgxQ4aZQ98zz5Ow034ZCqhiR5FydIwgy37R7XKHLtMeqyauoanFeg&google_hm=AzU3_maY3kbbiQ_DOtuIXw4

Request Chain 144

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJXEZjvonPvX6tfpCDtj-nI&google_cver=1&google_push=AXcoOmQXo7H3ybOJtWocuqJMBkVWQD3evRaltSiP8vHa4EQMGUcSeQuE_EcRJUGpGOWy9NHL4fQS6FeuUgfSOyQBVn0LQTO8PoQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQXo7H3ybOJtWocuqJMBkVWQD3evRaltSiP8vHa4EQMGUcSeQuE_EcRJUGpGOWy9NHL4fQS6FeuUgfSOyQBVn0LQTO8PoQ&google_hm=MzAzODc0MDIyMzQ1NzcxMDkwNA%3D%3D

Request Chain 145

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOZ9r5_fCSS0ByYAuCuqnUs&google_cver=1&google_push=AXcoOmQdVt0gyL-wd380N9sc78JdviG7anuF_fQOIFw3m71Ca3Qo914h6_lWTX09sw6i81D6x88BPY05UaS2121OOCMUyTch5aI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZjUzYTcyNDYtZDM0ZS00OGE5LTk3MDktZWZhMDI1N2Y1YzVm&google_push=AXcoOmQdVt0gyL-wd380N9sc78JdviG7anuF_fQOIFw3m71Ca3Qo914h6_lWTX09sw6i81D6x88BPY05UaS2121OOCMUyTch5aI HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 146

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHWsTNr3tuWmM8eCqkXtM2w&google_cver=1&google_push=AXcoOmRCC52ZL5BgjRhlMfDze4m0ibwPHYpJpRgNrt57rbXD_Qja5DfdIjTpeE9Ac9zbGtEJ-ginTWf_tZcD2Nspatdkjese8VF8 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHWsTNr3tuWmM8eCqkXtM2w%26google_cver%3D1%26google_push%3DAXcoOmRCC52ZL5BgjRhlMfDze4m0ibwPHYpJpRgNrt57rbXD_Qja5DfdIjTpeE9Ac9zbGtEJ-ginTWf_tZcD2Nspatdkjese8VF8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzU1OTM1Mjk1MDY0OTI5OTQwNA%3D%3D&google_gid=CAESEHWsTNr3tuWmM8eCqkXtM2w&google_cver=1&google_push=AXcoOmRCC52ZL5BgjRhlMfDze4m0ibwPHYpJpRgNrt57rbXD_Qja5DfdIjTpeE9Ac9zbGtEJ-ginTWf_tZcD2Nspatdkjese8VF8

Request Chain 195

https://aep.mxptint.net/sn.ashx?google_gid=CAESEH9eJ9yag8xzOnLrb8cv2g8&google_cver=1&google_push=AXcoOmTodeHxXlPyX4CgRddwfsUXMANoAL1ph5l6KWm3wt9fXgInu7MEGuR6uTtgPwoDehrf5KmPlTw3de0NYeakuyeFqcUdnXStdk3Ws6tXU7evSko_aElCYq6UGLLfMCFJyZoQdRPunPHKmI_0yP01Pj9c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTodeHxXlPyX4CgRddwfsUXMANoAL1ph5l6KWm3wt9fXgInu7MEGuR6uTtgPwoDehrf5KmPlTw3de0NYeakuyeFqcUdnXStdk3Ws6tXU7evSko_aElCYq6UGLLfMCFJyZoQdRPunPHKmI_0yP01Pj9c&google_hm=UjM1Q0E5XzEwRTEzREJGOV9DMERGMUVFQg%3D%3D

Request Chain 196

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFPZ_e535nRc4pcElDajxnU&google_cver=1&google_push=AXcoOmSUcXpN51I9zVP5VA9neZAlDwkdnz4Pase7p40Of6r4LEbwASzTOQG0BB9Q6ukHqf1lSGJr_yuxOnTB750t20FXPAXHs6GJZ0dgn7iLeOMCFxC2YJICLoicGdKUZQJoq9LyUP591OWo4NgnCWLWSzs HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEFPZ_e535nRc4pcElDajxnU&google_cver=1&google_push=AXcoOmSUcXpN51I9zVP5VA9neZAlDwkdnz4Pase7p40Of6r4LEbwASzTOQG0BB9Q6ukHqf1lSGJr_yuxOnTB750t20FXPAXHs6GJZ0dgn7iLeOMCFxC2YJICLoicGdKUZQJoq9LyUP591OWo4NgnCWLWSzs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=WR1hCbgHQvCgD576pjTb_WWFKKk

Request Chain 197

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHkua4sZde_Tzu4wymmnzzE&google_cver=1&google_push=AXcoOmQfJnld5Rxs6s3ge0pYu1mtMza-crxE1ncvArbcaCuOrVHHQDRQ4St5rdL3IIJSkAyoHyoP5dUGgGCAA80fAJ0P7Hin_hHoxxfOkSboau-le9cUGL4MjySfL3WLI9eBv47rttzVbMgnCuh0kN92yvsS HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHkua4sZde_Tzu4wymmnzzE&google_cver=1&google_push=AXcoOmQfJnld5Rxs6s3ge0pYu1mtMza-crxE1ncvArbcaCuOrVHHQDRQ4St5rdL3IIJSkAyoHyoP5dUGgGCAA80fAJ0P7Hin_hHoxxfOkSboau-le9cUGL4MjySfL3WLI9eBv47rttzVbMgnCuh0kN92yvsS&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q_YMHESaQISetESIuZ0S1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQfJnld5Rxs6s3ge0pYu1mtMza-crxE1ncvArbcaCuOrVHHQDRQ4St5rdL3IIJSkAyoHyoP5dUGgGCAA80fAJ0P7Hin_hHoxxfOkSboau-le9cUGL4MjySfL3WLI9eBv47rttzVbMgnCuh0kN92yvsS

Request Chain 198

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGjNZ9QPP2cYtl68F2QuOAc&google_cver=1&google_push=AXcoOmR8JwstpFNSZfSHe0roqzdP8BpQtVALBzmuDx247BPMZV-u43MbjlcgrUMbWgJRPxJg0xb8BR3AQXGV3AtNIgfWlS9pKSkrULiPbMny0gC7ttjvnBN-Sa2DrENcd_HkhE583vMuN7T1CWVmi0woXtII HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR8JwstpFNSZfSHe0roqzdP8BpQtVALBzmuDx247BPMZV-u43MbjlcgrUMbWgJRPxJg0xb8BR3AQXGV3AtNIgfWlS9pKSkrULiPbMny0gC7ttjvnBN-Sa2DrENcd_HkhE583vMuN7T1CWVmi0woXtII

Request Chain 199

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEAUCqPAmtbJsBEY1iivz-5E&google_cver=1&google_push=AXcoOmQ4j_CLi2ZjTKS3JvmjDNnqh8hlk78TmTd7fSi19LO43UJgvx7uLwalP7mvIGz2U9QzJcI3-qklVx7cqsKcWzPflLYv9wfV9-msGRLEfHHADcyznbEIasIdbD2CFfIzVz5KOUw9mMqespRiMUdqjKCEJQ HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEAUCqPAmtbJsBEY1iivz-5E&google_push=AXcoOmQ4j_CLi2ZjTKS3JvmjDNnqh8hlk78TmTd7fSi19LO43UJgvx7uLwalP7mvIGz2U9QzJcI3-qklVx7cqsKcWzPflLYv9wfV9-msGRLEfHHADcyznbEIasIdbD2CFfIzVz5KOUw9mMqespRiMUdqjKCEJQ&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQ4j_CLi2ZjTKS3JvmjDNnqh8hlk78TmTd7fSi19LO43UJgvx7uLwalP7mvIGz2U9QzJcI3-qklVx7cqsKcWzPflLYv9wfV9-msGRLEfHHADcyznbEIasIdbD2CFfIzVz5KOUw9mMqespRiMUdqjKCEJQ&google_hm=X25PX3hYMm9lbG5ValR6b0Y1ajg=

Request Chain 200

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOZ9r5_fCSS0ByYAuCuqnUs&google_cver=1&google_push=AXcoOmQJPXmfNbsbbSqnARXyBT6JDxQoYV3qY53ZY4EPjH9JezlpNbEdsDaD8ur0fOQmiWxeFdtH6X5fbtGtyeC7nOwE0JAj6A5CG2G9sMBHWmXaU4CSoKLaQosvcka2knuNBylvzPje1cWE3YGRHiUl5M4BBw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZjUzYTcyNDYtZDM0ZS00OGE5LTk3MDktZWZhMDI1N2Y1YzVm&google_push=AXcoOmQJPXmfNbsbbSqnARXyBT6JDxQoYV3qY53ZY4EPjH9JezlpNbEdsDaD8ur0fOQmiWxeFdtH6X5fbtGtyeC7nOwE0JAj6A5CG2G9sMBHWmXaU4CSoKLaQosvcka2knuNBylvzPje1cWE3YGRHiUl5M4BBw HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 201

https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEPK2VPmsjB8ZP63LM8pmSP4&google_cver=1&google_push=AXcoOmSPdYh287Qd3GVuvtG0Sl1R2TKFhBBhpxMH4kROj2qg7CcgSRpCXZuq_ar6pfQaB_pu1NEKyPTVCOwOrFOQQmcYC-Y3gfmhz9dP579sU_DCXJTdWspvKRke3dKKXne5CMWpYxD7eVCN-Fe3j603xAfx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSPdYh287Qd3GVuvtG0Sl1R2TKFhBBhpxMH4kROj2qg7CcgSRpCXZuq_ar6pfQaB_pu1NEKyPTVCOwOrFOQQmcYC-Y3gfmhz9dP579sU_DCXJTdWspvKRke3dKKXne5CMWpYxD7eVCN-Fe3j603xAfx

206 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request zhanguoqiannian_dongtaiman-shidaimanwang Show response
www.xgcartoon.com/detail/ 78 KB
18 KB 877ms
428ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: abee69f8e19beceb0686062f34822a7bcc3df5bd8037e4de7b485a368369beb3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 22 Dec 2023 06:11:49 GMT
etag: "13993-ykfX0XkAj1WmoIi8L5zycvnjLIc"
expires: Fri, 22 Dec 2023 06:12:49 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
73 KB 87ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 06:11:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73141
x-xss-protection: 0
server: sffe
etag: "20620290c9309704"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 06:11:49 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 120ms
64ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 06:11:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23125
x-xss-protection: 0
server: sffe
etag: "03885caa855825de"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 06:11:49 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 116ms
77ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 06:11:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9459
x-xss-protection: 0
server: sffe
etag: "8a483731af74fd28"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 06:11:49 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 119ms
81ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 06:11:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14979
x-xss-protection: 0
server: sffe
etag: "5c37322451a9f07d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 06:11:49 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 112ms
74ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 06:11:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15383
x-xss-protection: 0
server: sffe
etag: "10ecb1b2e6eeaabe"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 06:11:49 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 130ms
92ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 06:11:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4740
x-xss-protection: 0
server: sffe
etag: "e23d2a0d990fab56"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 06:11:49 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 06:11:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10344
x-xss-protection: 0
server: sffe
etag: "710c75735c511774"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 06:11:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 06:11:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
server: sffe
etag: "f62e83b3b94bc414"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 06:11:49 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
469 B 216ms
164ms Image
image/gif 104.20.95.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 839635abde8b0d57-MXP
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 226ms
226ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:49 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Fri, 22 Dec 2023 06:14:49 GMT

GET
H2 200 zhanguoqiannian_dongtaiman-shidaimanwang.jpg
static-a.xgcartoon.com/cover/ 155 KB
155 KB 1665ms
1604ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/zhanguoqiannian_dongtaiman-shidaimanwang.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755cd97a3391b8d851c7b57294d60c0f2166071ff147f058829b47551d1e0f4b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
cf-cache-status: HIT
last-modified: Thu, 29 Dec 2022 03:09:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "F4133CC1C7735E16AC3422F5A640BF32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKnkclyMM1bUBsjP4kqjD%2FczaWOXNElSBGkh8dJB6fqPggPDO%2FNoBGAgs5qdWepKGWNsr82RgBdzJKbSP7fultlndLm2v%2F4X83XPpTlETOeskHcPGfHQBc%2BjTn0RUUwRxsqQpoLAJQFDHQHmRPIPsBc8fQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 839635ad2aef0d80-MXP
content-length: 158417
expires: Sat, 23 Dec 2023 05:11:16 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 227ms
226ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:49 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Fri, 22 Dec 2023 06:14:49 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 228ms
227ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:49 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Fri, 22 Dec 2023 06:14:49 GMT

GET
H2 200 alaleiiqboshiguoyu-shanneizhongbao.jpg
static-a.xgcartoon.com/cover/ 85 KB
86 KB 499ms
438ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/alaleiiqboshiguoyu-shanneizhongbao.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 346a87c57a3b283da261239a4f85e76820fd736db2259622e3c7eceddb76b5cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:50 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 05:01:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2F8FE3E660729EB949A6CDE7684DCB09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6EyaRPASaS2LBJ1DehGWjjAh7CKG8ZNHcTTZIvqEhqYotMwXBgNNWsuvIJ0c%2BmGGooWCZYU%2FQI5Du4VjIQ6SnP6Kx1vgL0Tts%2B0vJuI%2BvenCS0GlVeOGFXKNoYiCTSUPCWHuqcM9DuKg%2BppGsNDU7%2BMOitE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 839635ad2af60d80-MXP
content-length: 87302
expires: Sun, 24 Dec 2023 03:02:19 GMT

GET
H2 200 shaonianyinyangshiguoyu-jiechengguangliu.jpg
static-a.xgcartoon.com/cover/ 83 KB
83 KB 1156ms
1095ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/shaonianyinyangshiguoyu-jiechengguangliu.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f95bf3d9ca94a417eab8cd36c998a5d35392e917c2080182ee5ec206ef6fe3d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
cf-cache-status: HIT
last-modified: Mon, 15 May 2023 04:35:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "BFBCF3774A593D868F4167E59520CE32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iup1EMUZ1ztMg60Nx062AybJZKAV3l0SIRwN0YgYTMV1eDde4%2B8NYiST6FU%2F1xdlNEBwHKFJr%2FZbiKidjMN69JZaGJlxSS9YJqrl7PKd2TMMdA1RlHivhDBeNI6KHJuQn%2Bs7AtNzFjl1wpyYFnwhzLFESOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 839635ad2af50d80-MXP
content-length: 84831
expires: Sat, 23 Dec 2023 03:32:09 GMT

GET
H2 200 huiyedaxiaojiexiangrangwogaobaitiancaimendelianaitounaozhanguoyu-shanshou.jpg
static-a.xgcartoon.com/cover/ 72 KB
73 KB 91ms
30ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/huiyedaxiaojiexiangrangwogaobaitiancaimendelianaitounaozhanguoyu-shanshou.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30c4fc15a8b0bac73837553338c75817a9730aa37c2669f36ef82b541c8c8956

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:49 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Apr 2023 01:21:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 51057
etag: "E2B18F8C3D08D57026267F14A3A7FC03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0%2FAmJrSp9NwDxru0ZtCxTx1KKxp6Zq6hAoqJwv9VgqwjvS7BN%2FxzYlKbvna90%2BzwTuiZ7mFAnXXpAFlmDyIN03dpZDogy67gSsiMFy7pesD1rPPboOqfWlRnvuWuSgw0ua2YX81C1Zb%2BHO41uZN%2FqOmtDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 839635ad2af40d80-MXP
content-length: 73764
expires: Fri, 22 Dec 2023 09:30:58 GMT

GET
H2 200 yaoshenjiguoyu-fabiaodewoniu.jpg
static-a.xgcartoon.com/cover/ 57 KB
57 KB 111ms
50ms Image
image/png 2606:4700:20::681a:2f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yaoshenjiguoyu-fabiaodewoniu.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 485be496b6aa2efdab4ee11dc23d7058a67b1aa4838060768c180bba325110b7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:49 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 03:10:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 101924
etag: "F7F2F4D3C44D9D0D665E0F2B476D3FDD"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZwnEJOjQ3T1gvKPiBHCa69qRsgtqUL4Tl5lbSMrAQ09r3FPmhf453aRlHaq9mDVfds%2BNfaCerRr%2F86ovw58FzJSNhtZVWdZqa2zUQtfEqCu9APjRT4pVSkdjeZ9DtKOpqmC0PtV1P%2BCa3i32w589s6R8cw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 839635ad2af20d80-MXP
content-length: 58137
expires: Fri, 22 Dec 2023 02:40:54 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 8 KB
3 KB 77ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:01 GMT
age: 219348
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "a9f93cfafa19b094"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:01 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 237 KB
62 KB 53ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:24 GMT
age: 219325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63654
x-xss-protection: 0
server: sffe
etag: "7d5e78ba8c7d5e5d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:24 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 12 KB
4 KB 59ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Dec 2023 06:27:05 GMT
age: 344684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3942
x-xss-protection: 0
server: sffe
etag: "4694a1430564add5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Dec 2024 06:27:05 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
16 KB 477ms
426ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=83003925&ga_cid=amp--LHbvC8WSEEUj3LBsvPjnA&ga_hid=3925&dt=1703225509985&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhanguoqiannian_dongtaiman-shidaimanwang&bdt=314&dtd=4&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0066af0a1531ed3f4eca86579c9590e93f944019fa1ce576b032167724f400f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16147
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: COfWiryxooMDFUIe4AodrrQKZQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 06:11:50 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 856ms
806ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=83003925&ga_cid=amp--LHbvC8WSEEUj3LBsvPjnA&ga_hid=3925&dt=1703225509985&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhanguoqiannian_dongtaiman-shidaimanwang&bdt=314&dtd=5&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c28e20f7a454f88927bb699b98e9cda962757250cb0e6243877ef10dcf86249d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 120x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13688
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CMv7_7uxooMDFUYeVQgdrWgFFw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351398969
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 06:11:50 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 275ms
225ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=83003925&ga_cid=amp--LHbvC8WSEEUj3LBsvPjnA&ga_hid=3925&dt=1703225509985&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhanguoqiannian_dongtaiman-shidaimanwang&bdt=314&dtd=5&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f525c8a1e0f49d618f5ed59753c69909674a918c173c70ec2ac5b86b227146c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 336x280
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13729
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CIzK_7uxooMDFev-EQgdUPAHFg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663409
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 06:11:50 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 754ms
704ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=83003925&ga_cid=amp--LHbvC8WSEEUj3LBsvPjnA&ga_hid=3925&dt=1703225509985&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhanguoqiannian_dongtaiman-shidaimanwang&bdt=314&dtd=5&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30ecbf2238529e1d5983e14e4d2494f39ae1858be1e5de4762e929750b614936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 320x100
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13720
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CLn3_7uxooMDFRQJ4AodG3AKhw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663391
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 06:11:50 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 631ms
582ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=83003925&ga_cid=amp--LHbvC8WSEEUj3LBsvPjnA&ga_hid=3925&dt=1703225509985&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhanguoqiannian_dongtaiman-shidaimanwang&bdt=314&dtd=6&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f43a30f00a2ddcafd222f6f0f53043d1ea97c7fdf2ab1f56a548f0b96328a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
x-creativesize: 728x90
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13700
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CI7T_7uxooMDFaX6EQgdWGMA6A
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027455233
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 06:11:50 GMT

GET
H2 200 container.html
a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 107ms
30ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/ 2 KB
886 B 22ms
21ms Fetch
application/json 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Dec 2023 16:06:47 GMT
age: 50703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "e666ca0e175b1b23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 20 Dec 2024 16:06:47 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 226ms
226ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
AMP-Same-Origin: true
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:50 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Fri, 22 Dec 2023 06:14:50 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 93ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=3925&cid=amp--LHbvC8WSEEUj3LBsvPjnA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhanguoqiannian_dongtaiman-shidaimanwang&dr=&dt=%F0%9F%8D%B2%E6%88%B0%E5%9C%8B%E5%8D%83%E5%B9%B4%20%E5%8B%95%E6%85%8B%E6%BC%AB%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1703225511&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A1F1 6 KB
3 KB 29ms
28ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:51 GMT
expires: Sat, 21 Dec 2024 06:11:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 26BB 6 KB
3 KB 28ms
28ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:51 GMT
expires: Sat, 21 Dec 2024 06:11:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5EC1 6 KB
3 KB 28ms
28ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:51 GMT
expires: Sat, 21 Dec 2024 06:11:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5BB0 6 KB
3 KB 28ms
28ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:51 GMT
expires: Sat, 21 Dec 2024 06:11:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 516A 6 KB
3 KB 28ms
28ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:51 GMT
expires: Sat, 21 Dec 2024 06:11:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 widget.js Show response
widgets.outbrain.com/n2d/widget/ Frame A1F1 53 KB
14 KB 85ms
27ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/widget.js
Requested by: Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 86d45e218fa301b4e1f81d6ecad50c1a8f847e669aa2d9c91f0b487ceb56b67f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Fri, 22 Dec 2023 06:11:51 GMT
content-encoding: gzip
content-length: 13570
last-modified: Thu, 21 Dec 2023 11:55:58 GMT
server: AkamaiNetStorage
etag: "0870125456b597823ee2a02abcdfe5cb:1703160319.705865"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Fri, 22 Dec 2023 10:11:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A1F1 3 KB
1 KB 98ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:48:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A1F1 20 KB
9 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:54:19 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A1F1 24 KB
7 KB 74ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A1F1 203 KB
65 KB 95ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:51 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 26BB 25 KB
10 KB 138ms
81ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0980710eec750d23efdab8ccc9eb5c98fb66bf99e93c30978fc24b0620a52f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 998849249425960447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:51 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 26BB 203 KB
64 KB 119ms
75ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:51 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 26BB 0
461 B 60ms
59ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfNTcQ0LBx2dNNvXKANvtc8f7qT4SNlgVGJUUhZkZ-h6Rm6fHMxjH_iLkmFVKKr7PgIZ5qBRlO2wuD6Rl1Q_jc9go8nhbtjLCrusSZBMepvziaCDrrYVgBjNf4opAE5GYf2SRUfOnmyrN6dSWfVTZPI5DRipf-VjaR2eun9-gbYk2AAR7EaLxKY4G-SUjV_eQxMOniI8YN9jNtMaPtc03Oyoo9qr-aivCIi6M5UXeujJ4Jo76VGTdb-agYCoDLs3nVv4e_KJrjUcYZEWpD_xM-sJxFOKvWLDBCWXJFb16wRtFBkm8FRK2BiwZZtffRkmj4TX4xiPPF4F7tYgqHzOhsaMr7jFVRNoFf04o8Ki_LQG3vgRUwKrwd3juolL1015oXOYJNEDsup4IcJ4sAiw&sai=AMfl-YScygg_fEQT9S-gEEJ6ow0485l9Di6XRyPjpW5bLPb-whjQILqBwTlK0iqv_ZP_FmbIHabtsFStKSeuweg&sig=Cg0ArKJSzM48jWMugnxPEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 06:11:51 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5EC1 24 KB
6 KB 59ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5EC1 25 KB
10 KB 213ms
163ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b4ab467cb9a01f083b4fd37b808ea5797f28acfaa15516286e1701ecd1656a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10276
x-xss-protection: 0
server: cafe
etag: 248113207115717106
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5EC1 203 KB
64 KB 141ms
102ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:51 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5BB0 24 KB
6 KB 72ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 5BB0 25 KB
10 KB 204ms
159ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ecba293bbe768ad2ed68b2ebf4c8005b461ec9931529b164ecdd24b95c4eb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 15207393576646646684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BB0 203 KB
64 KB 123ms
89ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:51 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 516A 24 KB
6 KB 64ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 275722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 516A 25 KB
10 KB 161ms
120ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0980710eec750d23efdab8ccc9eb5c98fb66bf99e93c30978fc24b0620a52f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 998849249425960447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:51 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 516A 203 KB
64 KB 130ms
101ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:51 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame A1F1 990 B
1 KB 23ms
23ms Image
image/svg+xml 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Sun, 21 Jan 2024 06:11:51 GMT
date: Fri, 22 Dec 2023 06:11:51 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/Y7CSMQCVDWSNHC5RLCMEURFWNT6FQNXD2ILUL253UMX354PQQDQ5SZEECIFATL4IZOKUJH5ZIH5E3TPMBN6JETBXB3F7NGXYTCDWPAXQQRUGDJIAFR4DTABAM4NWUTM5JYIDVC6QUT7RMBAIX56NNXVTSZ6HOV... Frame A1F1 26 B
151 B 114ms
29ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/Y7CSMQCVDWSNHC5RLCMEURFWNT6FQNXD2ILUL253UMX354PQQDQ5SZEECIFATL4IZOKUJH5ZIH5E3TPMBN6JETBXB3F7NGXYTCDWPAXQQRUGDJIAFR4DTABAM4NWUTM5JYIDVC6QUT7RMBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3QLF2EN4A5LVJXYV7WVOY3RNKUZR2MRJZTRA5A4QAUSIREDQK2JFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWNE52KR6WTMP3G6TOVMVOIOOLRBXH3F5HD2EF2JB5ISYBNG5BCB6SJBGEBP6MWNVT37UGAOC6QO6JTQ/?
Requested by: Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 06:11:52 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 show_pla
obs.cheqzone.com/ Frame A1F1 3 KB
3 KB 334ms
113ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/show_pla?id=93700&ch=%7B%22tag_id%22%3A%221412529771%22%2C%22page_url%22%3A%22https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fzhanguoqiannian_dongtaiman-shidaimanwang%22%2C%22z_pub_id%22%3A%22www.xgcartoon.com%22%2C%22z_ad_id%22%3A%22149592320%22%2C%22ob_publ_id%22%3A%220%22%2C%22ob_ad_id%22%3A%220%22%2C%22ssp%22%3A%22googleadx_display%22%7D
Requested by: Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 22 Dec 2023 06:11:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1898
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0aee8a2ffe083c2e2cd0b56c86bc6928c4.png
zem.outbrainimg.com/p/srv/sha/77/c7/72/ Frame A1F1 8 KB
9 KB 87ms
24ms Image
image/jpeg 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/77/c7/72/0aee8a2ffe083c2e2cd0b56c86bc6928c4.png?fit=crop&crop=faces&w=180&h=90&fm=jpg

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

24d18bcf8211d5ae00302987ae9d022aa37207d9adf7209fea35a98b52612c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 1854061
x-cache: HIT, MISS, HIT
x-imgix-id: 17580994ae37060fdac910812b5fb148904c3c2d
cross-origin-resource-policy: cross-origin
content-length: 8452
x-served-by: cache-sjc10044-SJC, cache-fra-eddf8230045-FRA, cache-fra-eddf8230131-FRA
x-imgix-render-farm: 01.140328
last-modified: Thu, 30 Nov 2023 19:10:50 GMT
server: imgix
x-timer: S1703225512.998989,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5EC1 0
26 B 60ms
60ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDvHRBkplkWo6M2zvIasSJv6EmYYACocjVA6hAAOja1LaKtcrrrhmxJ-LpDa03aVCJlfr8YEBBjqwqO1g2hgwiBsmORS4VRrgXKn4_LdXnaWfjW5BPeA5mZ3Bo688CuSlNoRKtFJ_y7BE9Qz9jpW6BS2XvCtHW2qMT4sTn2vApGViogrh7AxBaP3Vzw5CQZbvJZAzZgmIBd3dOATLkOyJgwVoC2-3H0asQDyKwPNdJ3ucdSvzPBQ9nhNVs3knnx-zqqduVMR7GEhbFAvviFab9MQvyfKE0ZYlkGEqinibfHICSMKH27RkQ9DyOc_a3nHA7N7_0Z2_M7BNZEA6xOMuUiiroz5Fvs_rJFlTOTfjB_wtts-IBqduCNSF0qtETvpT2h-JpQTfYR2F6dQTt&sai=AMfl-YQv601iTRPjwNC6bNi7KtJChg6APbefdswlOoRRBKym2rTz4NoVfhWACao0rBQ-G7IlWIrni52J_FOQqO8&sig=Cg0ArKJSzEjTP8QUofYsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 516A 0
26 B 59ms
59ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstC8Dx-y9CM_8nLhFvG3sD4OdxAwltJtArwlzGWMH0xIgpHZ-iKd5dDAcq0660Fu00pbyHshWvanuutctD-flEqBL6_GAPUczNKIAZ0PJoCarblUb4W1mGyIPbdx_SQ1iFJ1Ksn9KFcDODy3_RuH7rjugJXCFlF4j7Hr2_I-3t01BJt_172KLuF86_pTw--8A09lCGyYNLcbiiWp-dGCtnBq_AQ21w2R2pOrQrG2HH1Bg_8P12I2zZBFgGMjm6DrKtCveTYYX-cneb71_ysmneeYHrkVQ6dmIRyfiI3FD_lhrLKqLBKGikJHtrLZ6SICfxROpimRxTwdsxWJXW3utuJJKHC_KwsMqM2gdLKSuV7A7aV4dA3oEKDuVPj0Crdw9WYhzUpD9TL-NLbNAdFeA&sai=AMfl-YQfRlOdqAgrre-ycCCwsq0WvKR1X0JPhsyGvqAiZbcHGkDKP_7I4eYY8FyI6TPup52yCALd2yip6NLQa2A&sig=Cg0ArKJSzARne5YzBGqaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BB0 0
26 B 60ms
60ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEg_xvKFWlNqPRuvkQcwd_-ZvGOr5s9CMRzdqO0Jyygfzq_vJWFN0R5dM3fJz6ST3USZrxi7Hb597KM3dUkiDJPmpDx_-LwczAbirSTOpaD9br4Egnsf27PBXS1ODf_CKGNdihdYnVXS5BlNc2-Mcrhr6h4uoCqL-01b2Fc3j2-mM8TTPZf65Hd27mjCffz9Dzwn34CJp1sgp2UW_hvtcy_m_iSEg1RKjYdf0JftRPiNnSR5IpED0mK1YA7-ISMM0wA6EZ5lmT0eIkx8SaMfworVwHqwfP6wO9eIfnf1ukk2Tm7wZGonvS8c-MsaVeLL2LJvDYmUZx_gmV2FBMRZC3Lirw6JfgYkRWQ0IqV-IC_yrFQd99nq2jO_m3hv44vWSTBDKA0ngyb-3OM--u&sai=AMfl-YR02Yf1z0L5ItkRcozVx-nm3Q-MvlnJ-Qcgpina18aH6d7d1qXmkiDNwnlOv-Hlks5mn3TUoIYkqwVN_s0&sig=Cg0ArKJSzNFzjca--EdSEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
URL: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A1F1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 497b9c3ec4bede53c91ea2ff2054bfd480f7b6d9f9356ad35e2bc4fb1d25937d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 26BB 145 KB
50 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32014a7e2bd846960c3b0307c8ec9e3d8311b651f12d75c9aa932ffd2c7a497b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51240
x-xss-protection: 0
server: cafe
etag: 14103001171909985511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
DATA 200
OK truncated
/ Frame 26BB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4af1b5f4398ffa034c2ad05c91747949acffdfec6ba427b7c4f6f599ac8e06f0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 516A 145 KB
50 KB 170ms
170ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20223ce609303fdb2389120e6975c3703232dbb0b799df76b2c8e222d9268c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51239
x-xss-protection: 0
server: cafe
etag: 10060998409575725326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
DATA 200
OK truncated
/ Frame 516A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d43d185437c15e3182b51d54fb7c1e8095a27d82bf2e65ebc68c39782a1746e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5BB0 145 KB
50 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17503ee94d49cac5f87a78b0997d82a4e5d93fdbf77ef70a0259d8bd88f6e705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51238
x-xss-protection: 0
server: cafe
etag: 670700783890568762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5EC1 145 KB
50 KB 160ms
160ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e8c7f5e1e7fd1d4c13f6f8efe29573fa84993f0cd6a96e38045ba1ae605b1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51243
x-xss-protection: 0
server: cafe
etag: 8274942171186614207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 26BB 399 KB
135 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fe3c645c964ea2dd1f79f5d41d0bd49565341245ae02452546215712cd50e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137927
x-xss-protection: 0
server: cafe
etag: 1992429155151092159
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 6F66 9 KB
4 KB 72ms
21ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 24779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 23:18:53 GMT
etag: 5585625838579639069
expires: Thu, 04 Jan 2024 23:18:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 5BB0 399 KB
135 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d1980b2ff1c1bc1d1a109f41807602e60ffb9d741dd2d20ebdf818b785b0891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137924
x-xss-protection: 0
server: cafe
etag: 12092095142277381491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 516A 399 KB
135 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fe3c645c964ea2dd1f79f5d41d0bd49565341245ae02452546215712cd50e5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137927
x-xss-protection: 0
server: cafe
etag: 1992429155151092159
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 5EC1 399 KB
135 KB 143ms
143ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d1980b2ff1c1bc1d1a109f41807602e60ffb9d741dd2d20ebdf818b785b0891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137924
x-xss-protection: 0
server: cafe
etag: 12092095142277381491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A1F1 0
0 65ms
65ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COGc3piiFZefrDsK8gAeu6aqoBtesnIJuyur8vP0QwI23ARABIABg9YWAgPwDggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQngAgCoAwHIAwKqBK8CT9AjKk9cfSQ-NAcycHKX5Qe3DdByrTRI-Zs5s123nwD-On-UJgZ06pP0hOZIyqh9LksWkN-NDimD8rHbJd6ZGNSU5nu-JqtbTXayddzpEBQDHxhxgvSg75tA8QA84MuDirnsoP5IdgdNtg0aEmIsYJD_ZMkY6KQqVSXgZWS7SmHQuIhulwwWBy9MKUgVmUNV4UOs1zgmxF5Kv-S4LTBqBdyBJCcERDRZ-jRJwOgtLcTfjMsV3eEceRub-ZYC5hl9UvCnAj4LalqhjJlfFt5X-_8KooaQIMvyRg82dh5LdB8T3cfA6TCp_GW7eauXJPxFz21KAOk-adGFQzXCmqQ3jxuYXeMRDsf319cw8Mcm-2hQK39QVO3NsqwuTgjT8lSlkQYa9U9Cc7SpJM8Vk-je4AQBgAb6hfnvkKbCuuIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNar_7uxooMDgAoD-gsCCAGADAHiDRMIq9X_u7GigwMVQh7gCh2utApl0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=aVh75dLglcA&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf__i25NqKFsDYh8Lgmv4kGuKqGefladxgB&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/fea3054a-a090-11ee-b5a6-b4736448c62c/ZYUopgADtecK4B5CAAq0roAP1ZGq2-mYdeVn3A/ZIZFF7QBPVMSKKFITP53RJNJ4SQTI2SUCOCT424PG72UIGVEHQVJVAG3FZ3NAJHU2YQ7T2D... Frame A1F1 0
99 B 93ms
31ms Image
text/plain 213.227.153.222
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/fea3054a-a090-11ee-b5a6-b4736448c62c/ZYUopgADtecK4B5CAAq0roAP1ZGq2-mYdeVn3A/ZIZFF7QBPVMSKKFITP53RJNJ4SQTI2SUCOCT424PG72UIGVEHQVJVAG3FZ3NAJHU2YQ7T2DMQCOHX2UKJSKDYA53YDIPFAGFYSRXIGGEUW2FYBDVY6INB752WRNLUU2WFMEGCUHNKJPEM4TCWPZQWREISQYOKEEE4UWTRMXVG525AB3K7JANIMXHA22DA6TLV6BX3BT2MQQL6UZPYDKMR77FFD4EZC2PDLPW64XJCBUDSXUAEM2VATAVY3UB5CLMZMHDIRC7GVTCNHDSARHUVRV6V5BVTO4EMKLUX5HU7UDUDKEOCAT4QCDSQN3BMRISSFSQQ4VGKRG2GAUQLGXM4HXIKSDWWWXBI5L6RJW26M7NJC3VLUOO6J6H5BGYVGDXGW2UXVGPV3XAYU6BHLYBVLXZSOCUZMMAFTHKRJFSKIPSMB6YB4DCMO2X243ZRZSPG2PNCWCXGKNNFGY62FNRVWQGWHLN66V34JDWR3IXXUZQRDJPVPVTM7HAC2EDNDMFAZXTWKM36FJ3G/?amtw=&cbvp=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.222 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 22 Dec 2023 06:11:52 GMT
Content-Length: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB44 603 B
112 B 216ms
216ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046731&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225511993&bpp=149&bdt=161&idt=321&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=615627005&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C95320884&oid=2&pvsid=2759465444458337&tmod=1890942017&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.to3zajitb4iq&fsb=1&dtd=327

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 73D1 603 B
65 B 394ms
393ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046729&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512068&bpp=114&bdt=234&idt=367&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31080103%2C44795921%2C44807406%2C95320869%2C95320885&oid=2&pvsid=3062246611165342&tmod=1851608902&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.ukscmkyi8lh3&fsb=1&dtd=377

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F652 31 KB
13 KB 688ms
688ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512080&bpp=182&bdt=247&idt=414&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320884&oid=2&pvsid=3610774700537060&tmod=1537661235&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ag043tua9fw1&fsb=1&dtd=417

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b023f0d19978e317e8741914f1f87dee1f79b9add3254abea78e07899678ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E025 24 KB
11 KB 408ms
408ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512025&bpp=196&bdt=190&idt=500&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=615561056&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44795554%2C95320884&oid=2&pvsid=3442845709498204&tmod=1783946257&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ufmhj1qss2vq&fsb=1&dtd=504

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bf1c654a10a7fdd2d0332b5bf36243196745fff286b17744a356e3a9576871e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 11708
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 26BB 0
0 103ms
59ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWGsGtgP1BxiCHbbG-q0vVW73EEPFLHo8_Kx-QXX9TWVRbVW_OsUwsQTHStG9L1ZEs_3ozxTxSkHW2ETcsPSNaPopjv8ksevHhDjwy-PhUKL7uZVyaiBwuwMLh_4t_Mlx_FSKbX9w83OuQLDMshs8QBpNR_wnADMjinpa6Z9hzBd9jTk5qXvzEKKTB3qFc9dhqaFbKijldv7ppewO8pU0QXT9v6HGAuc04n6cR4UBAENHzPYwYeKmcwJ7bu9d6YFpB0c4G_z7M1upRohZK3CekqgLC1Alj-AG94dQEh_OGOx4olGI-ulpiUycg0UyK-OVOSvYFp_TMmRzGydrTl72x_1iuVEXsScwxDpr6I2Dli6JpEnUf7PWS6mxhvjSLyME0yDPxtLhnA5nKbLmV14ty&sai=AMfl-YTb_gi50W3ETvXkqdeJtU8FH13pzGL8EcZjVEPhFvEbSskdXwE7oXS7JyCp57IqeyI1nhYIvnu7ThVuQg0&sig=Cg0ArKJSzPxUu47V00hnEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 26BB 16 KB
12 KB 113ms
69ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fcd383e6015bf95bfb9806633d3b90528f4ace6812623ed87cf1ae12380398e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12405
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 26BB 17 KB
7 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 73F5 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 33004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 21:01:48 GMT
expires: Fri, 20 Dec 2024 21:01:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 948C 829 B
1 KB 83ms
32ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2be10f8e6576c077fa7ce16d275477d11bcaeec29bc15935c24f9ca2de8083d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kgr6WFIhUiWNtnzviR7fIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kgr6WFIhUiWNtnzviR7fIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:52 GMT
expires: Fri, 22 Dec 2023 06:11:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 73F5 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 948C 0
0 55ms
55ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2759465444458337&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 73F5 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?J0MWmg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BB0 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuG5K-n6lHXQnaH0iPJ95UkaZkwO3-IiEqdWgPJz7kxOoEwffmrECHlOYpKHJvq7AfHy8tpNyGpJ7B1Ft4eMdDEaWayFvldCiHaZSSIdG_jgvntM9L1jmamtgPzK6CmmyDH_hQi7NminVGASOgf7YVwDaSSeNeoAHWIXfL_J5KIeJA3FVrL5p1i24Wj_PrCEzbouC4FEo2zpI1wO37LvJWHmTE-PFVJAfjtQjnQ2TgTmLArMTOGwnNJ_7dhK9unmZ_BfA6yHupCugyK_PsZwEvzDobJpZmCZjV3sncTb3GzOBD34l1LV_qaI6sabdOZ5wxOY8hmAZWG0B-gkfY9IF6kUSiVgzWpF9j_HHVHYAQk0HvXw0JTDa2uR7iX5Y7rH00UYlAuT7kEtToDGbthp4g&sai=AMfl-YQguFIronyfX9A5GD7RL96ue1ou9zAbWHvxIqZ_MOtxr-MB_TQzmKX4U_VkrIi80pHlC47Vi6xYUi93rr0&sig=Cg0ArKJSzL6ic3Y9VIR-EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5BB0 16 KB
12 KB 69ms
69ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7f6920b1216faae12808a2e64ba3b1b4eef43e85fb3bb52d964dff2a5386c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12271
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5BB0 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H/1.1 200
OK / Show response
b1t-eudc1.zemanta.com/t/imp/view/Y7CSMQCVDWSNHC5RLCMEURFWNT6FQNXD2ILUL253UMX354PQQDQ5SZEECIFATL4IZOKUJH5ZIH5E3TPMBN6JETBXB3F7NGXYTCDWPAXQQRUGDJIAFR4DTABAM4NWUTM5JYIDVC6QUT7RMBAIX56NNXVTSZ6HOVWAHYFI... Frame A1F1 26 B
294 B 29ms
29ms Fetch
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/Y7CSMQCVDWSNHC5RLCMEURFWNT6FQNXD2ILUL253UMX354PQQDQ5SZEECIFATL4IZOKUJH5ZIH5E3TPMBN6JETBXB3F7NGXYTCDWPAXQQRUGDJIAFR4DTABAM4NWUTM5JYIDVC6QUT7RMBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3QLF2EN4A5LVJXYV7WVOY3RNKUZR2MRJZTRA5A4QAUSIREDQK2JFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWNE52KR6WTMP3G6TOVMVOIOOLRBXH3F5HD2EF2JB5ISYBNG5BCB6SJBGEBP6MWNVT37UGAOC6QO6JTQ/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
Date: Fri, 22 Dec 2023 06:11:53 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

OPTIONS
H/1.1 204
No Content /
b1t-eudc1.zemanta.com/t/imp/view/Y7CSMQCVDWSNHC5RLCMEURFWNT6FQNXD2ILUL253UMX354PQQDQ5SZEECIFATL4IZOKUJH5ZIH5E3TPMBN6JETBXB3F7NGXYTCDWPAXQQRUGDJIAFR4DTABAM4NWUTM5JYIDVC6QUT7RMBAIX56NNXVTSZ6HOVWAHYFI... Frame 0
0 89ms
29ms Preflight 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/Y7CSMQCVDWSNHC5RLCMEURFWNT6FQNXD2ILUL253UMX354PQQDQ5SZEECIFATL4IZOKUJH5ZIH5E3TPMBN6JETBXB3F7NGXYTCDWPAXQQRUGDJIAFR4DTABAM4NWUTM5JYIDVC6QUT7RMBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3QLF2EN4A5LVJXYV7WVOY3RNKUZR2MRJZTRA5A4QAUSIREDQK2JFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWNE52KR6WTMP3G6TOVMVOIOOLRBXH3F5HD2EF2JB5ISYBNG5BCB6SJBGEBP6MWNVT37UGAOC6QO6JTQ/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Origin: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
Access-Control-Max-Age: 600
Connection: keep-alive
Date: Fri, 22 Dec 2023 06:11:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E025 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BDy-fbhys_oZTRvUHrr1bFYE6qQ5J3EDc_UulQGKUtZJcCOwoykz0TK19Wy9KsYnHm8gJmLnMI7pdMBcNB-gVKJSi8SqBB-XcSQuxbll6x4nPDGeU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512025&bpp=196&bdt=190&idt=500&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=615561056&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44795554%2C95320884&oid=2&pvsid=3442845709498204&tmod=1783946257&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ufmhj1qss2vq&fsb=1&dtd=504

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E025 89 KB
31 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E025 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33814
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:48:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E025 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15453
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E025 0
0 30ms
29ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbQP02zeCPgUQaMcTzAzZD1J8w3JQ9hSW6Zus4sh2h_nO5VKA66ARrH2UWrPQBEGrKbwDgflTB1J2pJZSMyg2Lm0u3kA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512025&bpp=196&bdt=190&idt=500&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=615561056&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44795554%2C95320884&oid=2&pvsid=3442845709498204&tmod=1783946257&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ufmhj1qss2vq&fsb=1&dtd=504
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E025 203 KB
64 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:52 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BCC0 478 B
195 B 62ms
62ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYiNqO-QEwAQ&v=APEucNVTNvgvZ1NrKC9zqFhvdZR7l190LfjmWItz1RmFtnnAFXTCyDXWhgf0r5oPVxN_Vgv5H-IkGRJDd6gink9jK8byxSF4vA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512025&bpp=196&bdt=190&idt=500&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=615561056&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44795554%2C95320884&oid=2&pvsid=3442845709498204&tmod=1783946257&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ufmhj1qss2vq&fsb=1&dtd=504
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 811F 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 33004
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 21:01:48 GMT
expires: Fri, 20 Dec 2024 21:01:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 30C7 829 B
767 B 32ms
32ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47741202325fba0bd94f3ef3ba2a3386d42271ece349cd393cb72fd6928d2d3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AstLXzio8jPncJuUWSsicA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AstLXzio8jPncJuUWSsicA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:52 GMT
expires: Fri, 22 Dec 2023 06:11:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame BCC0 170 B
409 B 87ms
30ms Image
image/png 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYiNqO-QEwAQ&v=APEucNVTNvgvZ1NrKC9zqFhvdZR7l190LfjmWItz1RmFtnnAFXTCyDXWhgf0r5oPVxN_Vgv5H-IkGRJDd6gink9jK8byxSF4vA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame BCC0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAdCVnkTLn2T7mnyltMpg&google_cver=1

43 B
345 B

46ms
46ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAdCVnkTLn2T7mnyltMpg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYiNqO-QEwAQ&v=APEucNVTNvgvZ1NrKC9zqFhvdZR7l190LfjmWItz1RmFtnnAFXTCyDXWhgf0r5oPVxN_Vgv5H-IkGRJDd6gink9jK8byxSF4vA
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeiBbMN3JnpQEErij6vWAB7P0ML8yXhMc%2FgmzFuVmGGEugQqQ%2BolHq1JO28Rn0ImpVjyXOoDv%2BU5DDnS%2B%2BXiv3jZYqbOXu7VbRrnymz06hO8e6l4u8EjrB%2F%2BRVI0clmQ%2FYSQDK6PI0VT3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839635c0efe70211-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAdCVnkTLn2T7mnyltMpg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BCC0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYUoqRBdT.1sB-VDBam2PwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAdCVnkTLn2T7mnyltMpg&google_cver=1&google_hm=2

43 B
767 B

44ms
44ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAdCVnkTLn2T7mnyltMpg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEYiNqO-QEwAQ&v=APEucNVTNvgvZ1NrKC9zqFhvdZR7l190LfjmWItz1RmFtnnAFXTCyDXWhgf0r5oPVxN_Vgv5H-IkGRJDd6gink9jK8byxSF4vA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQeCgso%2BNCsZBeB56vdx6GRLr9Dl52nrnTkVT1cpH14MUOCsg2bPmahUOWaqmns8flj5d515TLHt4w%2FlbbRDvGpTaEf7FMVZUtuWLObH7MeYB735Lmwl%2F0lqR99ZXD6MNvoSrDKwc4Xwlg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839635c16e790204-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkAdCVnkTLn2T7mnyltMpg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 30C7 0
0 55ms
55ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3062246611165342&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 811F 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E025 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2465509911556&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E025 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2465509911556&version=m202309260101&ct=2&x=1&cor=14309667913922925000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E025 76 KB
34 KB 198ms
198ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dd3XXDvcDwDWicKUMS2b9h5VuFZgiRkB9LF2RJFNMGT6gA4Hgx8UxqKuQglCl6E1pEEZruyiE1vJRimsLqiCGzkJHJ8E9qPXYs-1baIg7gH68N-T9doM6dbaQfl8mjlqgMMjqX4P3ObNEfB-YfOi1G7Ox0eL2DHpldIMwK5MnbCoNgBUU&cry=1&dbm_d=AKAmf-Dn7-Q6bkSabE-HNR21hVWVKa4E8Q9PCFlOCGgCEUCXTs9A0kqnlDzZoD4O9X8YYv3sxcL9kJ00VHx3Xr71jBzkmnjFJb-Qukt_GgasYsjBuXqFs_LMI5XCvtD6TuI6q6nPDefJYwMLF-Amamk01rLDHItwIo6F6Ddtg_7CeZ_lry-jpaK-Wuz2dKkNmzSB9rgdvVlznazNwLZFVSzdmyx1R8wwkJo9oHaJm_9585erzlENnSU80PlmVszK0-27O5dRyzEWarlZ944SeZK6_1CdR440E0kBX0ynrxSS4PLEokMtFkmIppr22UmzETKR23IftK3sVyalM4Yce-EbxJqEFh_xKx9EDMbvvdHqFogw8EpeE4EPLT-7LpSk2sir7MeTVTu6RNwxtaRlIO-BmHRzt8UMzkJpvZG2FNnRLEmBslm42HZ6_q-RS5j5vSAb3CLniGxES1hktNcWmV4FJGq_-iYX5C0cYxoGRbTCymbu25mnnAZmRk-ylaXIJYSPBNNqL95K1tO1Z2xYTDP1ov72BKs0EyQi2l-Wqudw1F-I1RcDRFGDGTmN1Hm7gP5BZlxTznuWahOWZ5uu24vl1eeqURrIku8sTXUrsxPr-bdW03mcaCNZEHcM2iRtAGo2qaPgMT4zz0qfd-miORY9NmYUMBU5L6vSGMql3JUxd68x6uDrHkgTh-bCiaJ4ED5_PFnN6KVotHz7AtEsTIY8PrWmuyDddVXVxKavW-bioDd_tx4UkaIA4sPzEa5MuY8oa3FgeFSRgeNwXU4md55TA7LJIC1_8VFtAH8foMO46Oo8Oj6uuzDscahJcHABpHt96_KmAgc6HHsUYVA0risiz_cq5HppMZvvjYc8hvfgAi40MyByFbX94vUkxA0uVARfRTS4LnvDA0SP0AFkXTkHb1TsBrEb2OIQdHYp3OM_55fxwfYZl-uEdI-sqV-otMnpGQxvvs0Ks1faPTHybdWoH1zfqiAfkiiUWOdTc1K3EthKQbYyYOhGgr2IWAQcC96d6nkIRsKRtI6zz5Pr-wnl9LcLtijLq3dFQ4ivPYemQlDZnO85TxM7diSdtvs3MXB-XTj2bwQ4kmZIOZEo65jntlLQNeUnGPgfNT0AW5OJFHXwRRYWwfQe5dU5Gn9Yxy_SCAzxNL_2dgMOzJI2WpmEcIfBJE763C3ZSV6vr6aEmylu2hltEjO8YC-2yfqDM6fzBJ5SHabVT1NxGgVrEeY90M27AJtk6m5VeDyogT0ZdYR18XC36cV8gk0WLF8TaAzhZDPigg3HMJj5_NWJR7P7ITgpGYYELhr9BP0jAk3ftJ9AZz66rEw5hWfvcdStvTcQZ-AYTOa9CBvCXhtzndoL1AYZcnMkY1etMbizUcTF6iY8p5WopOs1db4b5ze0lHoe3JZgHcCqJV45QQrOfs0MCDMvj8ZiFu_1DmvDk5M32CuZnM06zUqKaKBa4QFi_cbxOpee7A0_f7YYAkAohZtKkKj6MnKNP1HgjwXR2nhRW7IdrtnZvbObBeq03wJ-f-lHGvNVgkbcak_qcMIdpigZCoz0Y3ZWp46jMpy1kSps9hGeBIE901nomWDZq1v2xQ5NyJF09wXVKYI97dY5hXuUBiYtFYIuN5AgmkfnGolOhjBiWc-cQNpTNUpKq_IdyVDxEPIo4vu3FgHm_n0-TJRWYMxRNDRznuS66NSdlxf6NfhSfxw6LkRu7xTMbxMgbe70LBZNgfFvoKePqpq3GvNU58etyoQngVqzt3-7He8VEuFTdq2ppcjXHlRTMXtx6VkA9QXF-T8oBWqBJwJhoaTTW0XhzkQBFsR5GWoGc16v-9sr4yCUmy3S9xR5fGlK7j4FMggvO_22J-SHXlVU5BVfE903_-qj16nMG4WGih90Z8XMOSJkdANV-tVFKjuixvBBXSn8T5uuYGX7L-1zG5A_-hCo2CqDE3NpABOOP2spUwU2mz2tokLxvZi82PuL0KOYRlk0gcIVYFqmhlY8OdWNBvC0p4vVpksxjlNK465xsti7JD_QcDC2FXg2atHWx4GrgmIX5rjpvH1JpBPqZIw1sZTYLMiV3yht7uOyPrd9aijCByhYkz8KADLrMNMmQXtSSL2wGaZTNLglblaSSiuCoEy9crsrwa50mOXBF7MGeXBrfqm04HXpry5UJRkvHJk9H79vOPFvbyEFvh4ab7PLOGqiH-GphpfsvZXTWRKJgCru_GagbkV7D_tcmGE_mD6GSQacCPmj_dROG3oJTPK7j5j9kcGftgRirDZ7IuNd2BA8Wv9XjTNi0HVHGwfN1835-20n7r5X4O26rLs5hKBv3fToR7rjjVLfma-MWUigGxCRoP0zRwSB-MbS7WGKMyOT7wUT_8ycV7b3jNhI-iVe0F_ZEzyRNrexdpy-SqCZNdTT-Of5fvxITGi2cszDnunfdkBGV6stzwGxKwfPnxlaJLUQ_PSSBO3_s71VlJBOpSpqgJkaW_NmNBioaGXLOaJk18kl7YcXV1X1osT-hDvcPddnSJmusisGjhQVN1nziLOlpasWhNcJ_fdJ0ZMd5_GqqEjIwih8LfAA9DnObiQsrKx1DGv7n3PsAusYIgEUul_nI8sDLNFpunCctXsH6CesjuTwHIj8S1yXV0wn5mxX2_uaQnesUAwsxhT8VGRpD5aH4LgveVIGtLaJny75Cvl_g8JlOryu6IbFNEMDHtyuFfJ-NO2fPa-Zh4r_yH4zlkjxuTRQNsVeGY437EJy6asEkZ8mCIk52WbiAwMfX7BW9CsRb8ueBfFuiwXekUYnocIrJWmabJ99LwdrFbZCGyrSwKV7PVrW0tbsCdinXX880hfT-R5-ngNfg18F0wQywCLxQ_otRMSEbHIIlndvI883PMTjphT3qcLNO1lvjhTowkTghU6nunPqSJ7PDfSpqIxRySGsbwJv2MulvJZ-uK0B3LYLXkGJjHL4EeFf7lmmx0oDdn416B0yNZAoazIyvpOxMHQTHmp0ilLfNzr5RegIt9uqOJc9yfohPVy3b0qQoY8E4gBVNG5XSqKo3jTfY9JaGv_Sk4XxyCChpW7SbICjlqN4NkPwod55fLzaO3VDvemFtwGH25exz9Ep4dKY_K5BtSbOZ3sjt1FqFVfQhxBZ36u9UML4J8UVmVc3cwP0p8266w40157n0T4VIEO0eOSgYRPNjwBGVGS6Zq7N23MLHIvx5fSxScYyFzMAf7pDrkVe41BQXfcPZ7l2PRaUAeKXqWaiC31WTUTud9Kj6Wp9BMNHLVaHt8kMynuLK3J9KU5XLw1bTe4HN03HUKArHsp8GZcWRCZ5pG7h5HLdJyngLulZdTaWYpitqKJW0oibLxt2-p7ESxmEZc-UGmvJjLZZ_p90oNRncgBNEOymRcNyAf20Coz7H_G16bSOLNGGaZenCDVzKllNIJwUQP60sLgfh2QUmA10IOMCmsYATZQFiBgZaTBeXgxqWKZYvc_ryUd3aBFvj3zg5JVZLlK_rOpoWckbLKadJBcN0Nt2j7JJ4BtuAuAQHbKI0sxImoJIau0J8AVrcj5gfn-3EIQyFsIqB4lyOlAe4PHwhXepeI_QU4NQyFV_UL18FWkwp_HobWYUpvUhW9JK6lZOlEkrbwEw7kQX-72cAi2a0POJkitFP5zGiGoeBy0GzwB8e2W93qKfgl_Gdg&cid=CAQSKQAvHhf_kKbXQb1NGrdjTjSbsxVNoGUxvTdp1tFCjj9bMURQZDNzJEzoGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=14309667913922925000&adk=1761367584&idt=92&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e192a14be7d5b9bf6b3df8e6c7e1b05eb683de4a8824ba4c32018cd7e9a431d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512025&bpp=196&bdt=190&idt=500&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=615561056&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44795554%2C95320884&oid=2&pvsid=3442845709498204&tmod=1783946257&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ufmhj1qss2vq&fsb=1&dtd=504
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34410
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 811F 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hE6i9w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 87DA 611 B
263 B 62ms
61ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBjW3oOCAjAB&v=APEucNW9i8ckzhqxCc8X_RshCd0vv7GodR0bkCclOwNsZdWB08YifgyD-Q7z94a13cSrGdnRyj405BtlgrZrUl3qXDQhL5FuvQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512080&bpp=182&bdt=247&idt=414&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320884&oid=2&pvsid=3610774700537060&tmod=1537661235&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ag043tua9fw1&fsb=1&dtd=417

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512080&bpp=182&bdt=247&idt=414&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320884&oid=2&pvsid=3610774700537060&tmod=1537661235&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ag043tua9fw1&fsb=1&dtd=417
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8FFB 89 KB
31 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:53 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 8FFB 32 KB
8 KB 112ms
47ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512080&bpp=182&bdt=247&idt=414&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320884&oid=2&pvsid=3610774700537060&tmod=1537661235&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ag043tua9fw1&fsb=1&dtd=417
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
last-modified: Wed, 22 Nov 2023 10:00:03 GMT
etag: "3305548861-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8362

GET
H2 200 js Show response
ad4.adfarm1.adition.com/ Frame 8FFB 3 KB
2 KB 87ms
26ms Script
application/x-javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/js?wp_id=5158023&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs-IChABINPLzjBg9YWAgPwDoAH39-mEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU_QZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp_jez14FR3iJeGBhk9OLmJFUwQ-Jj7dVDPBW6-pJbKNLMRY9s65PHX2Hu_H_42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns-EPL54-b4RoNvJOI5MrfrkvI5dcdl-uBQExzVs2OX_CyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT-HxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr-eAho-OxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB_evuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G-ihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSKQAvHhf_WWD4KqI5iBatyABp2nyfhBge2CDWmuVF-7djp2Q1UesePTD1GAE&sig=AOD64_0DY5KJ-88bLOVxqRwOtfnRTzr_Mg&client=ca-pub-5884294479391638&dbm_c=AKAmf-AnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD_ZtnwTvu_thj29K-a3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR-q0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq_CNRKgYgmRSK4U8N4LRPJoM9qe1S8&cry=1&dbm_d=AKAmf-CDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT_BbJITVyi5Y2syY-TV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF_mI7GKtIXF05X-MSbt0VNFV7L99800KJyBmr-67fFFrgbjCqKsyhAkISTLJvOQmwDPj0_t1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy_RSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ-XGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo_ApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8-wqTZydjht3ijOnahT&adurl=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512080&bpp=182&bdt=247&idt=414&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320884&oid=2&pvsid=3610774700537060&tmod=1537661235&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ag043tua9fw1&fsb=1&dtd=417
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 37b0db1ebc7324b38fadba0ac2e611678acbfa87801103a2afc58ca1f429f2a6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Fri, 22 Dec 2023 07:11:53 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8FFB 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:48:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:48:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8FFB 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8FFB 0
0 30ms
29ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkoDD1_yMZBoO_k0DlnkgrF00xUtdY-zSWdMwNjPgCS35ojlLFiqWzVYusQ4No3S7Ekbofxv5YJ26QkfOK1yi00FnphA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512080&bpp=182&bdt=247&idt=414&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320884&oid=2&pvsid=3610774700537060&tmod=1537661235&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ag043tua9fw1&fsb=1&dtd=417
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FFB 203 KB
64 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 06:11:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FFB 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1WnAYlzjQ871JCKAB977EfM1BPMg4rnxKSMghu0HVw_X7Gjlk8fOzUdptnaJhrnNhQOHzs3BfF05mir5cydBDqZ1_-C6rLA9dXOktj8hixo_HAK0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 87DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHjZCKAsWQhuJjL4KanwmjY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHjZCKAsWQhuJjL4KanwmjY%26google_cver%3D1

43 B
888 B

29ms
29ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHjZCKAsWQhuJjL4KanwmjY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBjW3oOCAjAB&v=APEucNW9i8ckzhqxCc8X_RshCd0vv7GodR0bkCclOwNsZdWB08YifgyD-Q7z94a13cSrGdnRyj405BtlgrZrUl3qXDQhL5FuvQ

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
an-x-request-uuid: f2b4226a-89b5-474d-b2d9-a7bf72631866
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.106.9; 176.10.106.9; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
an-x-request-uuid: 5d68161e-2014-4a51-8695-43bdf6be16c2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHjZCKAsWQhuJjL4KanwmjY%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 176.10.106.9; 176.10.106.9; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87DA
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwNTg3MTMxMjAzMzQ3MTg4Ng%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwNTg3MTMxMjAzMzQ3MTg4Ng%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
an-x-request-uuid: f2c5c0ea-275a-4f72-a746-0e91aa43037b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYwNTg3MTMxMjAzMzQ3MTg4Ng%3D%3D
x-proxy-origin: 176.10.106.9; 176.10.106.9; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 87DA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIBK57CRoW9_v_4ybAqqe_c&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIBK57CRoW9_v_4ybAqqe_c&google_cver=1

43 B
163 B

33ms
33ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIBK57CRoW9_v_4ybAqqe_c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLDuBhDpgb2LBBjW3oOCAjAB&v=APEucNW9i8ckzhqxCc8X_RshCd0vv7GodR0bkCclOwNsZdWB08YifgyD-Q7z94a13cSrGdnRyj405BtlgrZrUl3qXDQhL5FuvQ
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEIBK57CRoW9_v_4ybAqqe_c&google_cver=1
date: Fri, 22 Dec 2023 06:11:53 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87DA
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwOWUyODQtNjJkNy0yNzM4LWY4ZTctNTM2YTU3Y2FiZDE4

170 B
188 B

31ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwOWUyODQtNjJkNy0yNzM4LWY4ZTctNTM2YTU3Y2FiZDE4

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjMwOWUyODQtNjJkNy0yNzM4LWY4ZTctNTM2YTU3Y2FiZDE4
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame E025 31 KB
12 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dd3XXDvcDwDWicKUMS2b9h5VuFZgiRkB9LF2RJFNMGT6gA4Hgx8UxqKuQglCl6E1pEEZruyiE1vJRimsLqiCGzkJHJ8E9qPXYs-1baIg7gH68N-T9doM6dbaQfl8mjlqgMMjqX4P3ObNEfB-YfOi1G7Ox0eL2DHpldIMwK5MnbCoNgBUU&cry=1&dbm_d=AKAmf-Dn7-Q6bkSabE-HNR21hVWVKa4E8Q9PCFlOCGgCEUCXTs9A0kqnlDzZoD4O9X8YYv3sxcL9kJ00VHx3Xr71jBzkmnjFJb-Qukt_GgasYsjBuXqFs_LMI5XCvtD6TuI6q6nPDefJYwMLF-Amamk01rLDHItwIo6F6Ddtg_7CeZ_lry-jpaK-Wuz2dKkNmzSB9rgdvVlznazNwLZFVSzdmyx1R8wwkJo9oHaJm_9585erzlENnSU80PlmVszK0-27O5dRyzEWarlZ944SeZK6_1CdR440E0kBX0ynrxSS4PLEokMtFkmIppr22UmzETKR23IftK3sVyalM4Yce-EbxJqEFh_xKx9EDMbvvdHqFogw8EpeE4EPLT-7LpSk2sir7MeTVTu6RNwxtaRlIO-BmHRzt8UMzkJpvZG2FNnRLEmBslm42HZ6_q-RS5j5vSAb3CLniGxES1hktNcWmV4FJGq_-iYX5C0cYxoGRbTCymbu25mnnAZmRk-ylaXIJYSPBNNqL95K1tO1Z2xYTDP1ov72BKs0EyQi2l-Wqudw1F-I1RcDRFGDGTmN1Hm7gP5BZlxTznuWahOWZ5uu24vl1eeqURrIku8sTXUrsxPr-bdW03mcaCNZEHcM2iRtAGo2qaPgMT4zz0qfd-miORY9NmYUMBU5L6vSGMql3JUxd68x6uDrHkgTh-bCiaJ4ED5_PFnN6KVotHz7AtEsTIY8PrWmuyDddVXVxKavW-bioDd_tx4UkaIA4sPzEa5MuY8oa3FgeFSRgeNwXU4md55TA7LJIC1_8VFtAH8foMO46Oo8Oj6uuzDscahJcHABpHt96_KmAgc6HHsUYVA0risiz_cq5HppMZvvjYc8hvfgAi40MyByFbX94vUkxA0uVARfRTS4LnvDA0SP0AFkXTkHb1TsBrEb2OIQdHYp3OM_55fxwfYZl-uEdI-sqV-otMnpGQxvvs0Ks1faPTHybdWoH1zfqiAfkiiUWOdTc1K3EthKQbYyYOhGgr2IWAQcC96d6nkIRsKRtI6zz5Pr-wnl9LcLtijLq3dFQ4ivPYemQlDZnO85TxM7diSdtvs3MXB-XTj2bwQ4kmZIOZEo65jntlLQNeUnGPgfNT0AW5OJFHXwRRYWwfQe5dU5Gn9Yxy_SCAzxNL_2dgMOzJI2WpmEcIfBJE763C3ZSV6vr6aEmylu2hltEjO8YC-2yfqDM6fzBJ5SHabVT1NxGgVrEeY90M27AJtk6m5VeDyogT0ZdYR18XC36cV8gk0WLF8TaAzhZDPigg3HMJj5_NWJR7P7ITgpGYYELhr9BP0jAk3ftJ9AZz66rEw5hWfvcdStvTcQZ-AYTOa9CBvCXhtzndoL1AYZcnMkY1etMbizUcTF6iY8p5WopOs1db4b5ze0lHoe3JZgHcCqJV45QQrOfs0MCDMvj8ZiFu_1DmvDk5M32CuZnM06zUqKaKBa4QFi_cbxOpee7A0_f7YYAkAohZtKkKj6MnKNP1HgjwXR2nhRW7IdrtnZvbObBeq03wJ-f-lHGvNVgkbcak_qcMIdpigZCoz0Y3ZWp46jMpy1kSps9hGeBIE901nomWDZq1v2xQ5NyJF09wXVKYI97dY5hXuUBiYtFYIuN5AgmkfnGolOhjBiWc-cQNpTNUpKq_IdyVDxEPIo4vu3FgHm_n0-TJRWYMxRNDRznuS66NSdlxf6NfhSfxw6LkRu7xTMbxMgbe70LBZNgfFvoKePqpq3GvNU58etyoQngVqzt3-7He8VEuFTdq2ppcjXHlRTMXtx6VkA9QXF-T8oBWqBJwJhoaTTW0XhzkQBFsR5GWoGc16v-9sr4yCUmy3S9xR5fGlK7j4FMggvO_22J-SHXlVU5BVfE903_-qj16nMG4WGih90Z8XMOSJkdANV-tVFKjuixvBBXSn8T5uuYGX7L-1zG5A_-hCo2CqDE3NpABOOP2spUwU2mz2tokLxvZi82PuL0KOYRlk0gcIVYFqmhlY8OdWNBvC0p4vVpksxjlNK465xsti7JD_QcDC2FXg2atHWx4GrgmIX5rjpvH1JpBPqZIw1sZTYLMiV3yht7uOyPrd9aijCByhYkz8KADLrMNMmQXtSSL2wGaZTNLglblaSSiuCoEy9crsrwa50mOXBF7MGeXBrfqm04HXpry5UJRkvHJk9H79vOPFvbyEFvh4ab7PLOGqiH-GphpfsvZXTWRKJgCru_GagbkV7D_tcmGE_mD6GSQacCPmj_dROG3oJTPK7j5j9kcGftgRirDZ7IuNd2BA8Wv9XjTNi0HVHGwfN1835-20n7r5X4O26rLs5hKBv3fToR7rjjVLfma-MWUigGxCRoP0zRwSB-MbS7WGKMyOT7wUT_8ycV7b3jNhI-iVe0F_ZEzyRNrexdpy-SqCZNdTT-Of5fvxITGi2cszDnunfdkBGV6stzwGxKwfPnxlaJLUQ_PSSBO3_s71VlJBOpSpqgJkaW_NmNBioaGXLOaJk18kl7YcXV1X1osT-hDvcPddnSJmusisGjhQVN1nziLOlpasWhNcJ_fdJ0ZMd5_GqqEjIwih8LfAA9DnObiQsrKx1DGv7n3PsAusYIgEUul_nI8sDLNFpunCctXsH6CesjuTwHIj8S1yXV0wn5mxX2_uaQnesUAwsxhT8VGRpD5aH4LgveVIGtLaJny75Cvl_g8JlOryu6IbFNEMDHtyuFfJ-NO2fPa-Zh4r_yH4zlkjxuTRQNsVeGY437EJy6asEkZ8mCIk52WbiAwMfX7BW9CsRb8ueBfFuiwXekUYnocIrJWmabJ99LwdrFbZCGyrSwKV7PVrW0tbsCdinXX880hfT-R5-ngNfg18F0wQywCLxQ_otRMSEbHIIlndvI883PMTjphT3qcLNO1lvjhTowkTghU6nunPqSJ7PDfSpqIxRySGsbwJv2MulvJZ-uK0B3LYLXkGJjHL4EeFf7lmmx0oDdn416B0yNZAoazIyvpOxMHQTHmp0ilLfNzr5RegIt9uqOJc9yfohPVy3b0qQoY8E4gBVNG5XSqKo3jTfY9JaGv_Sk4XxyCChpW7SbICjlqN4NkPwod55fLzaO3VDvemFtwGH25exz9Ep4dKY_K5BtSbOZ3sjt1FqFVfQhxBZ36u9UML4J8UVmVc3cwP0p8266w40157n0T4VIEO0eOSgYRPNjwBGVGS6Zq7N23MLHIvx5fSxScYyFzMAf7pDrkVe41BQXfcPZ7l2PRaUAeKXqWaiC31WTUTud9Kj6Wp9BMNHLVaHt8kMynuLK3J9KU5XLw1bTe4HN03HUKArHsp8GZcWRCZ5pG7h5HLdJyngLulZdTaWYpitqKJW0oibLxt2-p7ESxmEZc-UGmvJjLZZ_p90oNRncgBNEOymRcNyAf20Coz7H_G16bSOLNGGaZenCDVzKllNIJwUQP60sLgfh2QUmA10IOMCmsYATZQFiBgZaTBeXgxqWKZYvc_ryUd3aBFvj3zg5JVZLlK_rOpoWckbLKadJBcN0Nt2j7JJ4BtuAuAQHbKI0sxImoJIau0J8AVrcj5gfn-3EIQyFsIqB4lyOlAe4PHwhXepeI_QU4NQyFV_UL18FWkwp_HobWYUpvUhW9JK6lZOlEkrbwEw7kQX-72cAi2a0POJkitFP5zGiGoeBy0GzwB8e2W93qKfgl_Gdg&cid=CAQSKQAvHhf_kKbXQb1NGrdjTjSbsxVNoGUxvTdp1tFCjj9bMURQZDNzJEzoGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=14309667913922925000&adk=1761367584&idt=92&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:42:27 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame E025 11 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:57:58 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E025 0
0 131ms
65ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKyGtwt0jihguIy_jkyz4zrKQzazSGwIsoYZ_uq0iLaKPdz1KpjjuExhVDDQKX0m-y4a414rTRlbtLHZZcQaWn293ojCXMQVnhI4LtArYtSbcyOOl6AvcfDccktAy9qq7pNgzo2yRy7q6KaJ_LlgF39ISzJ1QoIkknsU7RVeKpOITEtrTNSM6dHWCPvEL93jrZCXIfzT-PxoKDOUYclj1mdo8R4i9OXDNbDy5GL0sq5Rw_bxswfgQsZ8G-dAYXy8T-QdqmFWy48_JS_TkmcJOcZsJBlApwfZjMAkBB9KrGpV7xbelCerWk6eTj3ps2iMdpI_hSgcC1rjqycDO2avhqoy4Y5G-6iyPwkfQJQd1M-DzRPi8dPs58vx-vhvee0pqAbWmf7tNj1JfncC2JW3dvl_mMU5thOBjocp8Hv71lsEoZmx96TxinzWADyitno-rzZnFZseA4CGzHSjiqos2d74YmsF3wcMIhFnjzdSMRYbinvRluKXjgCfxVAxvWbRfjh1y6Qj4DUiUUa5sX9fpGaqxbJpGRpZguf-HS1U9bqFTxl9-SQoEtjzz6FjfYv_tkV1XE89Ltj7TeMPKpKWhlC6GMQnw5IVg969QAoL0juE5aQ5oxPPbDK4h83JmiAITZqZHXpgOZAT9-3Bbd2WJSfaDafhC5zOEmjZydtdELErCYf1i56VNspkyiuFHYwVVJQ4WDc8TVaLClaXVVBw59hPwVaGzwQWn0OmkXc5L4rUiVmLe8lxINqhxX4mj0yut05TZ3fGNuT0TFXpM7vOYHp8Z-tICKSvcTLTTAbVusXj9ukwAJIPYPp3koCsndfghs8H7MAaJClKKF0oZkrKyD_hoPGH9yWQnCdNhlsUh6UFpSQmFHuQfMbtBms7gyOU98Wf42bdMclTZD-xIml9pXsr4V9sEakgSiVVvPDN6mUP8PEYfo6bkPIWNMTbSN2UrkFyG4GSGRG2C5c4_hDgXZhPvK9Ecn27fVlYpgtWYIcMZPlnflajFJac3SDma0tFTrDbik4XhEKfqjwbcrwSJvEjuuB2CX6s91klzJ8zkuhKqQosnUeiTww8RgiXrQXLOHqAIY5oE43Rai2TNHCjJLUlOHB1ePIoA8Zwl6DFiJwAm5cK2vdDxzeKPJj4i9uyFW_mGDtDBlEzBOV3Wcat2FRJ_Uf6FOCfItAMbxwaPQvAb-lisolJzWDMUt5I0pUeJiSFqq4GIVm19xDjMVSZyqHd8GQMS3k_aHQvUluT7SGXmnWPxABsybrbJCeBfNRItreUmBbW7NBlsgmyy_CuSN1uOOLmFxPjQ7L5Ma0W4fZ2s9tGkaae0-kh8LFZR5JWWeFxNcLS8&sai=AMfl-YR6ycMMuaks0cCXB3rTyzDWOBIkrZMDvjg6DX3d0XD6I1_AxtDO0GyLPG5z4mpFR2wzxNLvKitsMJmSHk9lJ7VGxbOFUF9KPk6FuJ2cwjfRWkJ6vELh21G1gyLvZw2eDH-Td3yc5NDcQhGb9azwbEeIBEUJw9C7buvysyLJrC_XrNJbFZTiQvkrTbf6VWvTZeOOsiaHE9GN&sig=Cg0ArKJSzB1dGkfUU15ZEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231207.60254&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E025 41 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 562005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 18:05:08 GMT

GET
H2 200 8411133709549856293
s0.2mdn.net/simgad/ Frame E025 90 KB
90 KB 87ms
21ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8411133709549856293?sqp=uqWu0g0HCFoQ2AVAZA&rs=AOga4qliv44MNp5ytI_cEPcYRZ4mK5Fj1A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45dc5467396c7907b5b695e08722a97ef3ba6b6abb94de8fa75f54ce13502d7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:10 GMT
x-content-type-options: nosniff
age: 249463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91795
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 09:55:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 18 Dec 2024 08:54:10 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1A3E 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 34319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Fri, 22 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A1F1 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvurMyoHmzf5g7KUZW40ozyC97WW3Vx1WTJNkqtjYRPVlc_NEHYMV_OfVRWXyL4yQ3xkoocOlGefETVhe7Yaa6bytVvBmBelbtrrIZ9THqfe3tPg-VXyGKv&sig=Cg0ArKJSzGMhLqtMJqtZEAE&id=lidar2&mcvt=1026&p=0,0,90,728&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703225511781&rpt=481&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E025 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be84a66669bfea469df00fb17cdbe0b0b8c10abab7c43c324125aebbd0a65a75

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FFB 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4310534707219&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FFB 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4310534707219&version=m202309260101&ct=77&x=1&cor=1003283668693038800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8FFB 33 KB
19 KB 211ms
209ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKScCFYEqw16MZ6zW3Z_eFLx3-r9gwtpH8_G4EvBIgBe5vkBl5sV4dyS7pw0vEo0hfHm7AnIk5HFV_k26ECdVRf21hS6J7zGL_SG7ZRjANhf4fSfWeNrph4slenvNRZVpZKzwYycWOTW3-CT7ESf3I50vHyoRCl-zViALJCK9GE_iyz40&cry=1&dbm_d=AKAmf-CHUTLFSG0RhN-6tYjqD8edB8AS4NZ-fSsgVrCSBvXDFBhIkci1OS1Ypc6OPf9nSD-EbbXF6Et73EqzG-aDHYvVS6HIBxfU8llEPvHua6dhhAFNNBWy-b20B4jdBmGIf7Q69ivo1cvu2hkrQ4-mnSIbfpCLg47lhTmvtpCWSABtZ1NW4VTKPiDrxX2bNePMEfrrL5R74vFp-2a2j_RjpaRFkV6xuo8z7ousax-lvjY48lNJc9foD_iHNb8sF71MymSPDR-xQDIY3OuV6_V2xilmEiPs9AY9slE0VxWGSh71Yr7SRhuN2glnCk2VozD3kaJ1WPQRyf4gfVUe9vn3i7NKRmzYXcZUJOD_NB8-iXCWaZa4fV3CBfFcrAG6ZmurQSVdisrhZFKWLCNAlUnp7XD2lyXSejIvJDxcDl5EOmDb2o2vlBWC2O55KWfDhTehNuQA7-jUJRaQ0s5ad8BQA7kCUXB3ObwfRzTHoiw0BYgYPV-5_JIxLiXVee7l9IM_juQvGsk3fZ70EH8owijvgXlUz7SuDjW1CZJtITYzpSPAbLXNcCTArE6L41v8e3v385fq4Zv7PMSI1FYl5NzVqSNa7sNRWbWLa8RPiJxNSXwgeqdqEG_U7Jh5uI3qOzaNBkZlDOU2v7YrrFq7LG-TbiR6DA93tpfBaMWpGx1zWie_Ie9dAGudjicuJflSv-5eiRTXNPogKfaOiGixSVdkcfVL3Qw1NZTWOvzdCK_XHEeaVVc_9JpmK_wFIFM8-uxaaPwtC7rR1WbkKx0JA3sp2rFlxtu8uUOyyDigpqUeYztiZdYGQlK8V8oORWGvv9NyUd0f8zmnZscVWJlng_LKmXibwSwrMiAuB4WFII3eB8qZUaVsR3LzPOKCwLlT7SHaVlWyOi30xUwd0A5YBJJpZiaSVQjGGxXDTRT1jXhL5J1vHx9PMpBnt8sNMH-FDOJ44xZ-WxYWUBa0QmqEkyXg8J01zchM_LVmUdMkNPJem88ZbtxvqWYkroP1aSh_parfRJvH6p2pz71VF-FSpsr1IG4xthpC8lScOo_BD4sd9FljyK-9tiAvY1heDsc85Kpkt7p0t5ELeg3MPDb7us4pUUitF74mz8I2_cLvAhLRR95gdtg78B6J_ATpfHmX7AzKoyN66qdiwsHbFaktOBWu00BAPUONCje_y17DfqhxHUpbE3kfOdSmGhNqhyeIvrImqWJ88BlMnPf1JwzDoL1YV1V95PZ53KCKFYwe1eUiHkNF4GeEPgAQEl_05SndCiedKD41TibVSeTd3exHUjle2-POgnxwcB2OGumXiqD7yeToGgSd2jZQ8UmJbmFBsnPy7x_zYeQuRkl2P8fQ2UKta-vyZLl01I6TNkKKTOVM5O2GYesvIGGcYmSthHThn3QHi60aPn4MSVQ9_K_ZZt9GjwwMSEsjZH9xMt8sPg6EBtCkpcYf5mqwBNPW6vxkddZ8RWch91BYvR_OQjMStcr2CP6EG5ptdurJPBcLaupJYh__8-Bk_4oTPwjxEQjd_a4GoqcGnVD_g-Nuxsqqy5y4EonYHbeHFMioa9uGKaOQUfd1EMVHeTpI72gufAwd2jLVplu35UOiEprlJn6XMYzPwqPJWQWhglOyJq5ElX6MJ_8Q9a4pSg-_QzMhR9R6uJlRezq6tmH50pSV2M_noytF1_SS274Iw6UwYOCMcmzDh7HFAsSLNU96UrhddxTdG8jK6wQL-8OiE5pvMow3jeM2NoQXjxMGuJpPZFaL2V320HK4sxi5RXR0Mrz2gD8OdwxK4vwBHgR-X6BRjAiK8ZG6nGQ0fz_RQ-U6Mi-QyyLOK_LJYeGOQHUSWFxMPtxonkg1Uj2ZCv_JMbtt-0yZxHrttCfhm5rCb2wAMDZPY_esYUOY8eiBUh6n_i2t-GYsF9ehhE2kkQWcP2vwzvagW-npO9ApJlarqw9ZdVMVHdtE-oVCVzq0YqT19F11LthQDv-_u3P302MctaIQBHQo17abKZCQswjU8a-E-FYNCfP0YEoNv5LuHrvnB1LJBv9RvtgGp4iH3Q1S8AxZ9mOAT-r_aFs19T2akOZv7hz4oCB3qrxEx1FJ7UiK7y63RPEZFlF0AJ4Rhy_oQx6rz9012zSTk3cyA4haeRpe5MVWIoCnq_bzGXVLj5Mq751dQyoq133myA5jsND8lOnXLXZIR3a4O7Epl1mS_vUedTaIgx5vLVYqM-Yh0dNzhS-OkWL-QVEfL6_gwGsuGcj1fveDAuOqDYHqUQWLxDGKO6-pA5TVU9u7rilAuprZmRq1hpEJdNiwyd1df4h-dK_TVlABsmk2cEcc2kXER-bJ_-8REYDA0tvyjAA3CMY3bnno7PPPUbgCdXDmSarkUfXwpXvqxSO6KvmpieTg8SJdV4QygvgblSTpvPslR51ecUVbmlJrrPrhaNuqMxRNwalP9_2Q7tfnf9-Bqe7u2Nk79WI9-vkxWloWy2Nw9LT1CCT6LlGrGold-FKGPikJ_XfcWKgIR-uuzu8x8PLpZ6gZbRCXQt1U4e1hIsQAHe-2eSUDOM_ibhs4b8EsVXF5yIPDdGJrg5zv_Y3wHdq4fF2SgjampIbiHCAr5CDRUSi3j51zasBqRraTmnMfwJInYbC3PlLBYvDeGMuCGfESqBIc8wsvSkwbuRJexLMHDaHtVxPjedWq9pU_BDP9tf_6pJ753K8TVfysmCCkqoGesjTRkt7VJowACgXXL_KvJ71ukjHK2bitnAsTzJGSiznUVlvlV9zkn77xd2TW9XYavEoOAvjiktR9m6hP-_Zeydm6rj1wb5PJtXqNz_oiiyLhdkkLcb0y4zlQTfMMSdZpm5CWFhRbcvXRMdbTVqnk_gfAcfPle3XzcVFPYDsq6xHwKrWxo29X1-qHGWDvtbKI7sSiTLtyPZipTBo7cAcawzQVwea7a3dPEZu9WPEh2XMjvRaCgyF_SX2_G6tVeUWv1Iw8dVF5C2X0ysqmJ1zE0ZhA23xz85aNs8ZBrJUg1EDgIaQ5uk9LSVcz4PGWeCaxfOsYfkbKk4HLlxy8etE-cOJk8P-xVPvwfWuX_GqT5sD_AyqTnUOw2N12-XARH1JK7JAiblaPA2CEw0ZJarF_dffdmWmeNkCnTQVq9Xg3KSWWSNaFJfKLMWc0nh-wjXB1qEurrNJTNDI_fs4ZIOUmhBl7W4-aMPpEY_PfIdQLW1G5C9hsfHFv7Rn9vVeqf2ZFYwuKM0c5PCTA1HyRG9XaK8uo_2quTj1_MUO-69tW1sqoEdaGxeT317QVluwizL1EcEblZJ9UQXwuch_YGdDEX5Zs2kB8v9h7GBhdv7MAtNs-3gsA2rcgLug0NBLS1LNHuSG2CbY_aXtqXLM8hGeMNQ2iOvkL1oqu24kQ5TbC3cPkLrtqNf26jFNGFC5o5-0v4Ts5PnOYdniWcjkNziBhgI-9w48nQG1O9jT7YV0cDQblJ3bXvo5QlWdZzbgOZv-nTZddMJ9WcmFY6wMChDlPx67zaEonsRpYNUVkq-oiUsfH50wrS1AVDTwx0CLU01naqXL2LQ-jgnPWJ_H_kSSYGj2B2gxkorH96C17a6Yy1ndB75lQG-weLxXWbH0Y-9pP3Nlm3KT9Nxe1Syb101YkPjM&cid=CAQSKQAvHhf_WWD4KqI5iBatyABp2nyfhBge2CDWmuVF-7djp2Q1UesePTD1GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=1003283668693038800&adk=1626895646&idt=83&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

585859b53974febb758fb3d75773d8b724b2dd51ce864155a7331878ac1e674e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512080&bpp=182&bdt=247&idt=414&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320884&oid=2&pvsid=3610774700537060&tmod=1537661235&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ag043tua9fw1&fsb=1&dtd=417
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19522
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4593 38 KB
13 KB 22ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 248306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEH9eJ9yag8xzOnLrb8cv2g8&google_cver=1&google_push=AXcoOmQvr13eaU33-gVQFHsjaN4AeX_G1fCqpxlEuJ1lcou_3-4evAc8yqXf062JIv43uz76MRAX1uzNByu2J731dGAh4BnNglo
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQvr13eaU33-gVQFHsjaN4AeX_G1fCqpxlEuJ1lcou_3-4evAc8yqXf062JIv43uz76MRAX1uzNByu2J731dGAh4BnNglo&google_hm=UjM1Q0E5XzEwRTEzR...

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQvr13eaU33-gVQFHsjaN4AeX_G1fCqpxlEuJ1lcou_3-4evAc8yqXf062JIv43uz76MRAX1uzNByu2J731dGAh4BnNglo&google_hm=UjM1Q0E5XzEwRTEzREJGOV9DMERGMUVFQg%3D%3D

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQvr13eaU33-gVQFHsjaN4AeX_G1fCqpxlEuJ1lcou_3-4evAc8yqXf062JIv43uz76MRAX1uzNByu2J731dGAh4BnNglo&google_hm=UjM1Q0E5XzEwRTEzREJGOV9DMERGMUVFQg%3D%3D
Date: Fri, 22 Dec 2023 06:11:53 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-386230313; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 345
Content-Type: text/html; charset=utf-8

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 1A3E 43 B
363 B 94ms
27ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTHNyNdRskU4rZpUvk5xCZB7xpjDODvzIF5InAcApzywJ1E9hBBKI8PnEIJdcaJuXa9Udit9KlvtUFN7LOa701FvA2CFcc&google_gid=CAESECBCKwl65AssUFe71KGsOi0&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 282126
expires: Fri, 22 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOQ-gTWLB_xGKL64IA1-fUw&google_cver=1&google_push=AXcoOmT1EIiIwVkXPQkAOmyxXSsmx0L-fmp6Ettr66g9GtsZ2dqGjz0a1LmGfgpdH8vQ-K6bKrvjITM8...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOQ-gTWLB_xGKL64IA1-fUw&google_cver=1&google_push=AXcoOmT1EIiIwVkXPQkAOmyxXSsmx0L-fmp6Ettr66g9GtsZ2dqGjz0a1LmGfgpdH8vQ-K6bKrv...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3NjQwNTUyODUzMzEyMDQzMA&google_push=AXcoOmT1EIiIwVkXPQkAOmyxXSsmx0L-fmp6Ettr66g9GtsZ2dqGjz0a1LmGfgpdH8vQ-K6bKrvjIT...

170 B
188 B

31ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3NjQwNTUyODUzMzEyMDQzMA&google_push=AXcoOmT1EIiIwVkXPQkAOmyxXSsmx0L-fmp6Ettr66g9GtsZ2dqGjz0a1LmGfgpdH8vQ-K6bKrvjITM8LJ3mgS4b_8F29pE0SIo

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg3NjQwNTUyODUzMzEyMDQzMA&google_push=AXcoOmT1EIiIwVkXPQkAOmyxXSsmx0L-fmp6Ettr66g9GtsZ2dqGjz0a1LmGfgpdH8vQ-K6bKrvjITM8LJ3mgS4b_8F29pE0SIo
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRzW8qQp5O7Zy7r4vQn5PHwB83tSVfETN-YwPq1iEFgxQ4aZQ98zz5Ow034ZCqhiR5FydIwgy37R7XKHLtMeqyauoanFeg&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-3537fe66-98de-46db-890f-c33adb885f0e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRzW8qQp5O7Zy7r4vQn5...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRzW8qQp5O7Zy7r4vQn5PHwB83tSVfETN-YwPq1iEFgxQ4aZQ98zz5Ow034ZCqhiR5FydIwgy37R7XKHLtMeqyauoanFeg&google_hm=AzU3_maY3kbbiQ_DOtuIXw4

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRzW8qQp5O7Zy7r4vQn5PHwB83tSVfETN-YwPq1iEFgxQ4aZQ98zz5Ow034ZCqhiR5FydIwgy37R7XKHLtMeqyauoanFeg&google_hm=AzU3_maY3kbbiQ_DOtuIXw4

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRzW8qQp5O7Zy7r4vQn5PHwB83tSVfETN-YwPq1iEFgxQ4aZQ98zz5Ow034ZCqhiR5FydIwgy37R7XKHLtMeqyauoanFeg&google_hm=AzU3_maY3kbbiQ_DOtuIXw4
date: Fri, 22 Dec 2023 06:11:53 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX3537fe6698de46db890fc33adb885f0e003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEJXEZjvonPvX6tfpCDtj-nI&google_cver=1&google_push=AXcoOmQXo7H3ybOJtWocuqJMBkVWQD3evRaltSiP8vHa4EQMGUcSeQuE_EcRJUGpGOWy9NHL4fQS6F...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQXo7H3ybOJtWocuqJMBkVWQD3evRaltSiP8vHa4EQMGUcSeQuE_EcRJUGpGOWy9NHL4fQS6FeuUgfSOyQBVn0LQTO8PoQ&google_hm=MzAzODc0MDI...

170 B
188 B

31ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQXo7H3ybOJtWocuqJMBkVWQD3evRaltSiP8vHa4EQMGUcSeQuE_EcRJUGpGOWy9NHL4fQS6FeuUgfSOyQBVn0LQTO8PoQ&google_hm=MzAzODc0MDIyMzQ1NzcxMDkwNA%3D%3D

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQXo7H3ybOJtWocuqJMBkVWQD3evRaltSiP8vHa4EQMGUcSeQuE_EcRJUGpGOWy9NHL4fQS6FeuUgfSOyQBVn0LQTO8PoQ&google_hm=MzAzODc0MDIyMzQ1NzcxMDkwNA%3D%3D
date: Fri, 22 Dec 2023 06:11:53 GMT
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 1A3E
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOZ9r5_fCSS0...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZjUzYTcyNDYtZDM0ZS00OGE5LTk3MDktZWZhMDI1N2Y1YzVm&google_push=AXcoOmQdVt0gyL-wd380N9sc78JdviG7anuF_fQOIFw3m71Ca3Qo914h6_lWTX09sw6i8...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

73ms
73ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 22 Dec 2023 06:11:53 GMT
pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHWsTNr3tuWmM8eCqkXtM2w&google_cver=1&google_push=AXcoOmRCC52ZL5Bgj...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHWsTNr3tuWmM8eCqkXtM2w%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzU1OTM1Mjk1MDY0OTI5OTQwNA%3D%3D&google_gid=CAESEHWsTNr3tuWmM8eCqkXtM2w&google_cver=1&google_push=AXcoOmRCC52ZL5BgjRhlMfDze4m0ibwPHY...

170 B
188 B

34ms
34ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzU1OTM1Mjk1MDY0OTI5OTQwNA%3D%3D&google_gid=CAESEHWsTNr3tuWmM8eCqkXtM2w&google_cver=1&google_push=AXcoOmRCC52ZL5BgjRhlMfDze4m0ibwPHYpJpRgNrt57rbXD_Qja5DfdIjTpeE9Ac9zbGtEJ-ginTWf_tZcD2Nspatdkjese8VF8

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
an-x-request-uuid: f44d4110-2a22-4a92-83cf-9fcb7b0076a0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzU1OTM1Mjk1MDY0OTI5OTQwNA%3D%3D&google_gid=CAESEHWsTNr3tuWmM8eCqkXtM2w&google_cver=1&google_push=AXcoOmRCC52ZL5BgjRhlMfDze4m0ibwPHYpJpRgNrt57rbXD_Qja5DfdIjTpeE9Ac9zbGtEJ-ginTWf_tZcD2Nspatdkjese8VF8
x-proxy-origin: 176.10.106.9; 176.10.106.9; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1A3E 0
12 B 29ms
29ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L51mm70f8XqAZ47z1FF3Ut3fVXE52u5oZpGLiu0ulyyY8r392wKWVWKY05o2B3vBzY6i8dA8U

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 26BB 0
0 58ms
58ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2759465444458337&bg=!o6CloO_NAAY3kmNgF5I7ADQBe5WfOFaQM-Guks28JQv3fkEjZKCbSVqrLAuVzRqv-pdAiZPOEnCb27arm5c7xG8NXOPrAgAAAEJSAAAAAWgBBwoAFjC8BvPgugVVxza85QVqH8HqMNaOFPeZAw492SetdlBC__cpDRXL2hrfUtojWXjxuxRk5hP1qmMyd0UiLPICx5S54ciavqzwmPhiUhtHFtfMLDr_IJS4mzqAW5I-J6vb76ZYJK6JLgMVKPJq4znKeMYDCxDkczyFKC44aAVyf0G9bgSSgb3CjXkylrk1cMoq3mrlINkWaIN-PCCaSxEjaGpHs2tkgu0LJCQbl6srFXokqPlO0sdvBaL3-xH4Wo_pit_fKdEM_JKXWTlkeAj-11X1p3G7IiaQuoxNv-q0PEJAb867kEfZbze9MJIQLJy2u9kBeLe3eFQl2QnAj2OUuVeAq6HA8KhQYKWudde-3PcrlqhW705SquNVvgH1lEu0Fmz7axtAL22U8QnbvzyWozUOr21sQINWEC3mCHZWIKgiJ5FNwW5GkAP43lka76kul4hf6oraS3rPGj_l5JeyP1L00lL1GbThjpRbQNc42XWba-N-vwzVsEzrElyYKQQYDqSziAiltr0fd7ubEnhd95RrntcHG9_pTBcAvamGqi6iBA3ZR0nUC7F-IlfPqoivklOPuwpH1GvH_-ZRqrU16TVe_L9oWP4Ql5lzlgm2QbtnXZpxp350xsUMn8X_45wtPEw3OqltNR9Y5HzX5bLae2O-t4gFFnnnBa1NvjpNvJ-DZPvChPQY6Gj6G3BSS3wwGeiMaYUBhfpi8zmYYzL7zwoPm_kboJz5dg4JjPOoC-z_biFXAe-KiHnsPM5n62_8wNJotIXNebr3Mjw65h5CZaBcMjZQrejJCb-N1MOqMUdzrVqr0J8qg4Uz9DxAu7f0_AhluOHknFApQB4qnZAgruoKOIXH1U74ig1GLKsSyHFc9wlIeO4OM4o88-I1bKuzGTAUUliCvM47SaeZ_ZFdoT87fN5-INpyLSGHCMP6PGU0JUzqZdfOp8bbRazmq1RZZkvATwZlfR5vlgYUBQHf1DxgnC26ZuY_4I5AiDYAGLz75-SbKfSzMm8lCCkLYZAiB4itcWdPIjtBbXdFOtPf63XigYbY0LmUa9hH4GaDuR6GbkrKp0RRYQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4593 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E025 0
0 58ms
58ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKyGtwt0jihguIy_jkyz4zrKQzazSGwIsoYZ_uq0iLaKPdz1KpjjuExhVDDQKX0m-y4a414rTRlbtLHZZcQaWn293ojCXMQVnhI4LtArYtSbcyOOl6AvcfDccktAy9qq7pNgzo2yRy7q6KaJ_LlgF39ISzJ1QoIkknsU7RVeKpOITEtrTNSM6dHWCPvEL93jrZCXIfzT-PxoKDOUYclj1mdo8R4i9OXDNbDy5GL0sq5Rw_bxswfgQsZ8G-dAYXy8T-QdqmFWy48_JS_TkmcJOcZsJBlApwfZjMAkBB9KrGpV7xbelCerWk6eTj3ps2iMdpI_hSgcC1rjqycDO2avhqoy4Y5G-6iyPwkfQJQd1M-DzRPi8dPs58vx-vhvee0pqAbWmf7tNj1JfncC2JW3dvl_mMU5thOBjocp8Hv71lsEoZmx96TxinzWADyitno-rzZnFZseA4CGzHSjiqos2d74YmsF3wcMIhFnjzdSMRYbinvRluKXjgCfxVAxvWbRfjh1y6Qj4DUiUUa5sX9fpGaqxbJpGRpZguf-HS1U9bqFTxl9-SQoEtjzz6FjfYv_tkV1XE89Ltj7TeMPKpKWhlC6GMQnw5IVg969QAoL0juE5aQ5oxPPbDK4h83JmiAITZqZHXpgOZAT9-3Bbd2WJSfaDafhC5zOEmjZydtdELErCYf1i56VNspkyiuFHYwVVJQ4WDc8TVaLClaXVVBw59hPwVaGzwQWn0OmkXc5L4rUiVmLe8lxINqhxX4mj0yut05TZ3fGNuT0TFXpM7vOYHp8Z-tICKSvcTLTTAbVusXj9ukwAJIPYPp3koCsndfghs8H7MAaJClKKF0oZkrKyD_hoPGH9yWQnCdNhlsUh6UFpSQmFHuQfMbtBms7gyOU98Wf42bdMclTZD-xIml9pXsr4V9sEakgSiVVvPDN6mUP8PEYfo6bkPIWNMTbSN2UrkFyG4GSGRG2C5c4_hDgXZhPvK9Ecn27fVlYpgtWYIcMZPlnflajFJac3SDma0tFTrDbik4XhEKfqjwbcrwSJvEjuuB2CX6s91klzJ8zkuhKqQosnUeiTww8RgiXrQXLOHqAIY5oE43Rai2TNHCjJLUlOHB1ePIoA8Zwl6DFiJwAm5cK2vdDxzeKPJj4i9uyFW_mGDtDBlEzBOV3Wcat2FRJ_Uf6FOCfItAMbxwaPQvAb-lisolJzWDMUt5I0pUeJiSFqq4GIVm19xDjMVSZyqHd8GQMS3k_aHQvUluT7SGXmnWPxABsybrbJCeBfNRItreUmBbW7NBlsgmyy_CuSN1uOOLmFxPjQ7L5Ma0W4fZ2s9tGkaae0-kh8LFZR5JWWeFxNcLS8&sai=AMfl-YR6ycMMuaks0cCXB3rTyzDWOBIkrZMDvjg6DX3d0XD6I1_AxtDO0GyLPG5z4mpFR2wzxNLvKitsMJmSHk9lJ7VGxbOFUF9KPk6FuJ2cwjfRWkJ6vELh21G1gyLvZw2eDH-Td3yc5NDcQhGb9azwbEeIBEUJw9C7buvysyLJrC_XrNJbFZTiQvkrTbf6VWvTZeOOsiaHE9GN&sig=Cg0ArKJSzB1dGkfUU15ZEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=139&vt=11&dtpt=138&dett=2&cstd=0&cisv=r20231207.60254&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 516A 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHBQAyX-eQxqZsfq-G0yzMnUXGyR4byXOUFHw89LqNv9B4kFpCqPVVRhEN0q5gMVACMKCvMAZz9JwnqkQsTdWp54hNrFyI27ZhDx7QeWWP4fBSahJRdyl80NPkMpxVqovEJ_qmXCSb71Jwfs_JpqY9jRZfOnUaXPYWzggVx46bbhrBqhh7Qrlwc61RBpitHhvdOA01ivCXzyijCj3exEskyavx7iDNbTk-fj5V6rjVYBlaDKBAoLbvWY22kQ366gbk4cKB3kM-Sgoia9zavapdCMIEpPvXIhh36dy019tblpNz9-L5j4vyxwlgXL-BXfcSFmwqQX9zDv3DzTfGyui2-RlZtvOmsQkVNHk_jqDdzBNstmVk87MUsY7BU2DZ8kvySl1Qm9t9SQf3DiFIbnHU&sai=AMfl-YTpNo9gn1cwZXQ1BZZaZmsOSghcMmhx19maW6ye02_6umC7wgO2b7N6s9-CzKqducNx2EOeJSv11fHXd7A&sig=Cg0ArKJSzCaDyKVGa5HVEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 06:11:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 516A 16 KB
12 KB 70ms
70ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

968659ae88a758f81820dcea6c35acc77c0796eb1f2a4ab05f557458b357b90e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12103
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4593 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BwB0UqSiFZZzRBKqwjuwP4ZGogA4AAAAAOAHgBAI&bg=!LC-lL2DNAAY3kmNgF5I7ADQBe5WfOCkJnn_ukEnzMbWf1tZO2qZJb0zwPRIglNMdRqmgu6_SoCzwaQn8uqMgI7RRq_AUAgAAADRSAAAAAWgBB5kDMBdn66kenloqOjbmaBwPqJTXJBRTn1_5PsPeuorYc3tbV8wrPaJRPi8bxsF5Rj7D3tQVRZrjpaybFFEOJDCLPfY1HoDOmciXYzljGiR10mvCC-dZWbFo7pF4w1AvC7uvVEfIi3PiVuDftbWQwpWTVzGXZJLyBeX72yvLo0tk64lQDzel42DcQ7OZ-skD1zbqlOu01VDKObQdrT3YW6vL2PajDnlHyhBHUNHxd8isy69_zJIi-DKTOquMLpLdoKlGX_GJtKtzpOjaVkZEk999CTSgXKz7PEZV1sJ5a8gUHc6zMT2K4Ct1YY3ZKR8dkHLiPF2Ujs8mjVOAw8bmg4YgthYZcbXqjpUHJWEOU34yglDDJYgzRvhFa_khJBWVBRHVXa2pJH1irS5d1zth7t330A6r7D682M319wiGcUdUjMad0rLcDMz5uOHDK9dambUcnZQPy9XDoiMhrRMqDNTvLLXY17Gj5SsVlirS_MyoCfUvu-v_oT7sMJjaR2uLrcL3IZCgmTckeTEk9bBUYZhjmo72xkhcqEbrc4obNhq5oZFdgh_9VkxAsCngZ7NpUeeoVCbd_C-gr6xAyNOr2T45gvZbkx3aENqifl5mzsy7qmjYwI3cqrEnTr5FFD5x1_eNlfwNfgEXyNjKS6_5cmuEzgZJbdlGFDFlCkF4BbwsnnZk6233KwhNE8udcFihpHVdu05LcrjZguvZfP3iZlF27d6UYAUJz3pl1M18rOSf3LhsfxqA6nThfMq4LoliVrqork8rj_WDiEF__mP1s5iDacYP8WLhxHrT_k8cLASS9KZHAQf-yYMTfolcweDX4cSTxG59GiAxwogl39KPdoj2iJ4rsiXLeesOhgKkjs69LKPfl8bRwFuu3CCQ4VPP2c4yEMjSN3xO0_BC-DYJJQESOehtAwIBHcB2rV-YuwFXVNISm0FHCYLpNh6zCkEbsDI3aU90HMfL_rwrcvdPEubupwvhl-ECx1Cd4GJIZoKNaH7PF0-pbhy_osUON3o8dxKWLnSC4cTj1jsvSfp8c-iWHiFVPk0mtMHvSVLsa3L_FzPTFUlyC2JerKU8PisQ9y6fBw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 516A 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 06:11:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1D50 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 33005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 21:01:48 GMT
expires: Fri, 20 Dec 2024 21:01:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B24F 829 B
558 B 31ms
31ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9d94fbe1f6076904619a993982d9d26ad6f865e69ae4cf38d1289bc8ed0fc6c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gxwOsxEP3od9qKsLdSC8Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gxwOsxEP3od9qKsLdSC8Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:53 GMT
expires: Fri, 22 Dec 2023 06:11:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8FFB 31 KB
12 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CKScCFYEqw16MZ6zW3Z_eFLx3-r9gwtpH8_G4EvBIgBe5vkBl5sV4dyS7pw0vEo0hfHm7AnIk5HFV_k26ECdVRf21hS6J7zGL_SG7ZRjANhf4fSfWeNrph4slenvNRZVpZKzwYycWOTW3-CT7ESf3I50vHyoRCl-zViALJCK9GE_iyz40&cry=1&dbm_d=AKAmf-CHUTLFSG0RhN-6tYjqD8edB8AS4NZ-fSsgVrCSBvXDFBhIkci1OS1Ypc6OPf9nSD-EbbXF6Et73EqzG-aDHYvVS6HIBxfU8llEPvHua6dhhAFNNBWy-b20B4jdBmGIf7Q69ivo1cvu2hkrQ4-mnSIbfpCLg47lhTmvtpCWSABtZ1NW4VTKPiDrxX2bNePMEfrrL5R74vFp-2a2j_RjpaRFkV6xuo8z7ousax-lvjY48lNJc9foD_iHNb8sF71MymSPDR-xQDIY3OuV6_V2xilmEiPs9AY9slE0VxWGSh71Yr7SRhuN2glnCk2VozD3kaJ1WPQRyf4gfVUe9vn3i7NKRmzYXcZUJOD_NB8-iXCWaZa4fV3CBfFcrAG6ZmurQSVdisrhZFKWLCNAlUnp7XD2lyXSejIvJDxcDl5EOmDb2o2vlBWC2O55KWfDhTehNuQA7-jUJRaQ0s5ad8BQA7kCUXB3ObwfRzTHoiw0BYgYPV-5_JIxLiXVee7l9IM_juQvGsk3fZ70EH8owijvgXlUz7SuDjW1CZJtITYzpSPAbLXNcCTArE6L41v8e3v385fq4Zv7PMSI1FYl5NzVqSNa7sNRWbWLa8RPiJxNSXwgeqdqEG_U7Jh5uI3qOzaNBkZlDOU2v7YrrFq7LG-TbiR6DA93tpfBaMWpGx1zWie_Ie9dAGudjicuJflSv-5eiRTXNPogKfaOiGixSVdkcfVL3Qw1NZTWOvzdCK_XHEeaVVc_9JpmK_wFIFM8-uxaaPwtC7rR1WbkKx0JA3sp2rFlxtu8uUOyyDigpqUeYztiZdYGQlK8V8oORWGvv9NyUd0f8zmnZscVWJlng_LKmXibwSwrMiAuB4WFII3eB8qZUaVsR3LzPOKCwLlT7SHaVlWyOi30xUwd0A5YBJJpZiaSVQjGGxXDTRT1jXhL5J1vHx9PMpBnt8sNMH-FDOJ44xZ-WxYWUBa0QmqEkyXg8J01zchM_LVmUdMkNPJem88ZbtxvqWYkroP1aSh_parfRJvH6p2pz71VF-FSpsr1IG4xthpC8lScOo_BD4sd9FljyK-9tiAvY1heDsc85Kpkt7p0t5ELeg3MPDb7us4pUUitF74mz8I2_cLvAhLRR95gdtg78B6J_ATpfHmX7AzKoyN66qdiwsHbFaktOBWu00BAPUONCje_y17DfqhxHUpbE3kfOdSmGhNqhyeIvrImqWJ88BlMnPf1JwzDoL1YV1V95PZ53KCKFYwe1eUiHkNF4GeEPgAQEl_05SndCiedKD41TibVSeTd3exHUjle2-POgnxwcB2OGumXiqD7yeToGgSd2jZQ8UmJbmFBsnPy7x_zYeQuRkl2P8fQ2UKta-vyZLl01I6TNkKKTOVM5O2GYesvIGGcYmSthHThn3QHi60aPn4MSVQ9_K_ZZt9GjwwMSEsjZH9xMt8sPg6EBtCkpcYf5mqwBNPW6vxkddZ8RWch91BYvR_OQjMStcr2CP6EG5ptdurJPBcLaupJYh__8-Bk_4oTPwjxEQjd_a4GoqcGnVD_g-Nuxsqqy5y4EonYHbeHFMioa9uGKaOQUfd1EMVHeTpI72gufAwd2jLVplu35UOiEprlJn6XMYzPwqPJWQWhglOyJq5ElX6MJ_8Q9a4pSg-_QzMhR9R6uJlRezq6tmH50pSV2M_noytF1_SS274Iw6UwYOCMcmzDh7HFAsSLNU96UrhddxTdG8jK6wQL-8OiE5pvMow3jeM2NoQXjxMGuJpPZFaL2V320HK4sxi5RXR0Mrz2gD8OdwxK4vwBHgR-X6BRjAiK8ZG6nGQ0fz_RQ-U6Mi-QyyLOK_LJYeGOQHUSWFxMPtxonkg1Uj2ZCv_JMbtt-0yZxHrttCfhm5rCb2wAMDZPY_esYUOY8eiBUh6n_i2t-GYsF9ehhE2kkQWcP2vwzvagW-npO9ApJlarqw9ZdVMVHdtE-oVCVzq0YqT19F11LthQDv-_u3P302MctaIQBHQo17abKZCQswjU8a-E-FYNCfP0YEoNv5LuHrvnB1LJBv9RvtgGp4iH3Q1S8AxZ9mOAT-r_aFs19T2akOZv7hz4oCB3qrxEx1FJ7UiK7y63RPEZFlF0AJ4Rhy_oQx6rz9012zSTk3cyA4haeRpe5MVWIoCnq_bzGXVLj5Mq751dQyoq133myA5jsND8lOnXLXZIR3a4O7Epl1mS_vUedTaIgx5vLVYqM-Yh0dNzhS-OkWL-QVEfL6_gwGsuGcj1fveDAuOqDYHqUQWLxDGKO6-pA5TVU9u7rilAuprZmRq1hpEJdNiwyd1df4h-dK_TVlABsmk2cEcc2kXER-bJ_-8REYDA0tvyjAA3CMY3bnno7PPPUbgCdXDmSarkUfXwpXvqxSO6KvmpieTg8SJdV4QygvgblSTpvPslR51ecUVbmlJrrPrhaNuqMxRNwalP9_2Q7tfnf9-Bqe7u2Nk79WI9-vkxWloWy2Nw9LT1CCT6LlGrGold-FKGPikJ_XfcWKgIR-uuzu8x8PLpZ6gZbRCXQt1U4e1hIsQAHe-2eSUDOM_ibhs4b8EsVXF5yIPDdGJrg5zv_Y3wHdq4fF2SgjampIbiHCAr5CDRUSi3j51zasBqRraTmnMfwJInYbC3PlLBYvDeGMuCGfESqBIc8wsvSkwbuRJexLMHDaHtVxPjedWq9pU_BDP9tf_6pJ753K8TVfysmCCkqoGesjTRkt7VJowACgXXL_KvJ71ukjHK2bitnAsTzJGSiznUVlvlV9zkn77xd2TW9XYavEoOAvjiktR9m6hP-_Zeydm6rj1wb5PJtXqNz_oiiyLhdkkLcb0y4zlQTfMMSdZpm5CWFhRbcvXRMdbTVqnk_gfAcfPle3XzcVFPYDsq6xHwKrWxo29X1-qHGWDvtbKI7sSiTLtyPZipTBo7cAcawzQVwea7a3dPEZu9WPEh2XMjvRaCgyF_SX2_G6tVeUWv1Iw8dVF5C2X0ysqmJ1zE0ZhA23xz85aNs8ZBrJUg1EDgIaQ5uk9LSVcz4PGWeCaxfOsYfkbKk4HLlxy8etE-cOJk8P-xVPvwfWuX_GqT5sD_AyqTnUOw2N12-XARH1JK7JAiblaPA2CEw0ZJarF_dffdmWmeNkCnTQVq9Xg3KSWWSNaFJfKLMWc0nh-wjXB1qEurrNJTNDI_fs4ZIOUmhBl7W4-aMPpEY_PfIdQLW1G5C9hsfHFv7Rn9vVeqf2ZFYwuKM0c5PCTA1HyRG9XaK8uo_2quTj1_MUO-69tW1sqoEdaGxeT317QVluwizL1EcEblZJ9UQXwuch_YGdDEX5Zs2kB8v9h7GBhdv7MAtNs-3gsA2rcgLug0NBLS1LNHuSG2CbY_aXtqXLM8hGeMNQ2iOvkL1oqu24kQ5TbC3cPkLrtqNf26jFNGFC5o5-0v4Ts5PnOYdniWcjkNziBhgI-9w48nQG1O9jT7YV0cDQblJ3bXvo5QlWdZzbgOZv-nTZddMJ9WcmFY6wMChDlPx67zaEonsRpYNUVkq-oiUsfH50wrS1AVDTwx0CLU01naqXL2LQ-jgnPWJ_H_kSSYGj2B2gxkorH96C17a6Yy1ndB75lQG-weLxXWbH0Y-9pP3Nlm3KT9Nxe1Syb101YkPjM&cid=CAQSKQAvHhf_WWD4KqI5iBatyABp2nyfhBge2CDWmuVF-7djp2Q1UesePTD1GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=1003283668693038800&adk=1626895646&idt=83&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8FFB 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 562005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzIyNTUxMzMzNzAyOAogIHNlcnZlcl9pcDogMTc1NjI1NDc5CiAgcHJvY2Vzc19pZDogMjM4MjQzMjMzMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjYyNDc1...
ad.doubleclick.net/ddm/activity/ Frame 8FFB 0
862 B 127ms
59ms Image
image/png 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzIyNTUxMzMzNzAyOAogIHNlcnZlcl9pcDogMTc1NjI1NDc5CiAgcHJvY2Vzc19pZDogMjM4MjQzMjMzMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMjYyNDc1MgphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vZml0bmVzc2ZpcnN0LmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDE4MDQ5NDY0MDExMTUxNjAyNjIwCmRlYnVnX2tleTogMjc0Mjc1MzM2MDM5OTg5ODc1OAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMjIiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMjYyNDc1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4NDUzNTk2OAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTA5NzgxMDE1MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDg4MDkxOTg2OAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU0MTEyNjQ4NgogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9maXRuZXNzZmlyc3QuZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xe4c8b82b218eef60000000000000000","13":"0xea0b9c68c24d778e0000000000000000","14":"0xe4f28db55e1ea680000000000000000","15":"0xc4b9d364963be130000000000000000"},"debug_key":"2742753360399898758","debug_reporting":true,"destination":"https://fitnessfirst.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["12624752"]},"priority":"0","source_event_id":"18049464011151602620"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner Show response
ad4.adfarm1.adition.com/ Frame 8FFB 6 KB
3 KB 33ms
33ms Script
text/javascript 217.79.188.46
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4.adfarm1.adition.com/banner?sid=5158023&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D280%26slotname%3D3654094576%26adk%3D229048865%26adf%3D3173046730%26pi%3Dt.ma%7Eas.3654094576%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703225512080%26bpp%3D182%26bdt%3D247%26idt%3D414%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D5%26saldr%3Dsd%26is_amp%3D1%26correlator%3D3925%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1520562853%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759837%252C95320884%26oid%3D2%26pvsid%3D3610774700537060%26tmod%3D1537661235%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.ag043tua9fw1%26fsb%3D1%26dtd%3D417&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D280%26slotname%3D3654094576%26adk%3D229048865%26adf%3D3173046730%26pi%3Dt.ma%7Eas.3654094576%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703225512080%26bpp%3D182%26bdt%3D247%26idt%3D414%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D5%26saldr%3Dsd%26is_amp%3D1%26correlator%3D3925%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1520562853%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759837%252C95320884%26oid%3D2%26pvsid%3D3610774700537060%26tmod%3D1537661235%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.ag043tua9fw1%26fsb%3D1%26dtd%3D417&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1588665189&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3D
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/js?wp_id=5158023&clickurl=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs-IChABINPLzjBg9YWAgPwDoAH39-mEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU_QZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp_jez14FR3iJeGBhk9OLmJFUwQ-Jj7dVDPBW6-pJbKNLMRY9s65PHX2Hu_H_42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns-EPL54-b4RoNvJOI5MrfrkvI5dcdl-uBQExzVs2OX_CyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT-HxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr-eAho-OxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB_evuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G-ihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSKQAvHhf_WWD4KqI5iBatyABp2nyfhBge2CDWmuVF-7djp2Q1UesePTD1GAE&sig=AOD64_0DY5KJ-88bLOVxqRwOtfnRTzr_Mg&client=ca-pub-5884294479391638&dbm_c=AKAmf-AnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD_ZtnwTvu_thj29K-a3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR-q0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq_CNRKgYgmRSK4U8N4LRPJoM9qe1S8&cry=1&dbm_d=AKAmf-CDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT_BbJITVyi5Y2syY-TV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF_mI7GKtIXF05X-MSbt0VNFV7L99800KJyBmr-67fFFrgbjCqKsyhAkISTLJvOQmwDPj0_t1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy_RSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ-XGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo_ApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8-wqTZydjht3ijOnahT&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.46 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad4.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 24e2232201bc32c8eb9948db92ec5630c44d3319f063b36e79fb68976d040677

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 07:11:53 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D50 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A305 38 KB
13 KB 22ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 248306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B24F 0
0 55ms
55ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3442845709498204&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 8FFB 32 KB
8 KB 24ms
24ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=5158023&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D280%26slotname%3D3654094576%26adk%3D229048865%26adf%3D3173046730%26pi%3Dt.ma%7Eas.3654094576%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703225512080%26bpp%3D182%26bdt%3D247%26idt%3D414%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D5%26saldr%3Dsd%26is_amp%3D1%26correlator%3D3925%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1520562853%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759837%252C95320884%26oid%3D2%26pvsid%3D3610774700537060%26tmod%3D1537661235%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.ag043tua9fw1%26fsb%3D1%26dtd%3D417&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D280%26slotname%3D3654094576%26adk%3D229048865%26adf%3D3173046730%26pi%3Dt.ma%7Eas.3654094576%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703225512080%26bpp%3D182%26bdt%3D247%26idt%3D414%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D5%26saldr%3Dsd%26is_amp%3D1%26correlator%3D3925%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1520562853%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759837%252C95320884%26oid%3D2%26pvsid%3D3610774700537060%26tmod%3D1537661235%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.ag043tua9fw1%26fsb%3D1%26dtd%3D417&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1588665189&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
last-modified: Wed, 22 Nov 2023 10:00:03 GMT
etag: "3305548861-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8362

GET
H2 200 js Show response
ad2.adfarm1.adition.com/ Frame 8FFB 3 KB
3 KB 86ms
26ms Script
application/x-javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/js?wp_id=4847839&gdpr=0&gdpr_consent=&ts=7315297876062374922&kid=6274928&bid=19051294&keyword=PACS_5158023_19096890&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by: Host: ad4.adfarm1.adition.com
URL: https://ad4.adfarm1.adition.com/banner?sid=5158023&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D280%26slotname%3D3654094576%26adk%3D229048865%26adf%3D3173046730%26pi%3Dt.ma%7Eas.3654094576%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703225512080%26bpp%3D182%26bdt%3D247%26idt%3D414%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D5%26saldr%3Dsd%26is_amp%3D1%26correlator%3D3925%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1520562853%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759837%252C95320884%26oid%3D2%26pvsid%3D3610774700537060%26tmod%3D1537661235%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.ag043tua9fw1%26fsb%3D1%26dtd%3D417&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D280%26slotname%3D3654094576%26adk%3D229048865%26adf%3D3173046730%26pi%3Dt.ma%7Eas.3654094576%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703225512080%26bpp%3D182%26bdt%3D247%26idt%3D414%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D5%26saldr%3Dsd%26is_amp%3D1%26correlator%3D3925%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1520562853%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759837%252C95320884%26oid%3D2%26pvsid%3D3610774700537060%26tmod%3D1537661235%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.ag043tua9fw1%26fsb%3D1%26dtd%3D417&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=0&wi=1588665189&ac=1&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: c74738cf4a920f226e5bba15a84fd44eff55a9f4eca98399ca44ad5a25add5a5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Fri, 22 Dec 2023 07:11:53 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A305 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1D50 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?en9rhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5BB0 0
0 57ms
57ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3062246611165342&bg=!n5ylnNPNAAY3kmNgF5I7ADQBe5WfOML-czjzPVHuyeRxYif9H_JdOWoL88BcXekySlpdJAuD3ITy7fclqI5zBdAVVf9YAgAAADpSAAAAAWgBB5kDHN_0gsCo-UsygKZ5Ko1TrsR7CKiqW5qdi3X4N3wiEpekrExsVVd9Mm0Di2qvK4SLCat9tkcSxzZdiGGl7knVA3Gzp7q34xSuY4I8VW6gZD53tdOzRFhlqiCxqLU0HGBjoG0ocU6s79gUtSQHE9JWxPmUFeibSwgLcWHC1ouNByl50Ng-FX5_xeVx3XvncFtGeyOPBSuf3l6kUnLZQzVryxi1UidGS8m2v0AE2jSA-rRj9drc_3KYKn7v0ox4KnodRGDlsUOWdLuCukdoCX1H0KZiptHOiqFzoi4adNl54vg_1S0bxaqwIVCD96F8NHjw_SSBGllBY8-ikYydplSBKD5BJ-vxRNDArGT5Sn8cm6Fzup3BJeNuJCl_cbNRLEaxCJQvN7xnWf00cxfMS_SrbNugwB5k9Qw1N5qVV9npqCTKlecrH7AVpwv36ZoO0Hg0JZN2R4Z5kpzXyQ7mlswlkEdvPkEZlvaStYumL-t4gtMnc7IxjBd8o9LFtVudECORH-Mf4Y0hYKc_UUILVUo2wUcqwgeHbsqyhZ8mKg5MphEfPlSb_ntBzGjP6aTttJa6_sv0iW9p3q9zgFOS1YoRwBhSYzROnn_ZH6PBHE7-bQnkKI2_pJu0i4M8bq2Tx58COAbX1Adg27P9x7Np591VBNlbYgrWFUxuKhxGVSEfUR21IDxuamGL145OD0JxYQMTqD1XI_AwOQz37L8lTrtCClJUphcofeMtYFQmw1VHYmkWmGyBX0imUgIKKhLjy35OEXHMhJHUPk0qLO1FFEKIwjRBw-RpcunGhVarMzkivrVCMIB9af0OqjFHrpe5NBjCvgcFgs25E38NwS1KyhF0esg0RNuxVgZH4kBbXOTmQXKMN4ijyJOZFrcc2ZAjedFwzrKdNy4UQTl241uNRPcQtNlJde4dVcchfNsd5h31Lw78jAojhvycnb5NjL4pwE9ej4U_YXAFg1N5x11hGUFrqyi8BGwxbynNXr9sh5td4kHNYlfK2M2t9unp8EXQsK-dFDY4SX6Ma_ATVFoTC0yGWbtRrW822hfEpMh5oh4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 banner Show response
ad2.adfarm1.adition.com/ Frame 8FFB 10 KB
4 KB 28ms
28ms Script
text/javascript 217.79.188.21
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.adfarm1.adition.com/banner?sid=4847839&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D280%26slotname%3D3654094576%26adk%3D229048865%26adf%3D3173046730%26pi%3Dt.ma%7Eas.3654094576%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703225512080%26bpp%3D182%26bdt%3D247%26idt%3D414%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D5%26saldr%3Dsd%26is_amp%3D1%26correlator%3D3925%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1520562853%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759837%252C95320884%26oid%3D2%26pvsid%3D3610774700537060%26tmod%3D1537661235%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.ag043tua9fw1%26fsb%3D1%26dtd%3D417&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D280%26slotname%3D3654094576%26adk%3D229048865%26adf%3D3173046730%26pi%3Dt.ma%7Eas.3654094576%26w%3D336%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703225512080%26bpp%3D182%26bdt%3D247%26idt%3D414%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D5%26saldr%3Dsd%26is_amp%3D1%26correlator%3D3925%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D0%26ish%3D0%26ifk%3D1520562853%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759837%252C95320884%26oid%3D2%26pvsid%3D3610774700537060%26tmod%3D1537661235%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C0%252C0%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.ag043tua9fw1%26fsb%3D1%26dtd%3D417&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/89.0.4389.72%20Safari/537.36&os=17&browser=11&userid=7315297876055818599&kid=6274928&bid=19051294&kw=PACS%5F5158023%5F19096890&gdpr=0&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Requested by: Host: ad2.adfarm1.adition.com
URL: https://ad2.adfarm1.adition.com/js?wp_id=4847839&gdpr=0&gdpr_consent=&ts=7315297876062374922&kid=6274928&bid=19051294&keyword=PACS_5158023_19096890&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.21 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad2.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 10c13c109e71440224065f3ee9479eb757a0caa5e3017a6c590fbc0713ed42f0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 07:11:53 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A305 0
20 B 58ms
57ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BWU_yqSiFZYTJFIeq3wPLkITwCAAAAAA4AeAEAg&bg=!NjWlNXrNAAY3kmNgF5I7ADQBe5WfOK7VjIUtZ0EIZQH9TC6qyDLKRJm0N7tKVOh6U4OKa0lmXRwQmYAkyim7O6YgZAubAgAAAClSAAAAAmgBBwoAHDqdqkaymzAXJ2lzxZSIL0DiSIiMBObi4MRKleiZA00yn_4_AKVZ0exjMK917dqPyL9mELU6uZHUAOJcdoV0K59mlbsrTHh_PwFuimVPSPP_GZvZVVQJ6lYbTJMkMAOn4slsyEqmKs77FAMUIZVN06tMwyNVdYZWnbmJHMySW0AUR77cn1BnNK-Ow0eZxkMaNU8tyD7DnaLpaoptbMRAh3EPn57DaUsg8E63cs4bKpOOdn7ZVHTuqx3EACpw38j3MUB6_jqh6y72vhfpq5p27ObnPAwECbYjk_2hoRBUI5JOGCExz6l9luwQp72m81OQOypneGkhWaocG-ni4zsmIrdSXQt8GhiWLYc4oZOQJvSy-n7VtU5Rrh78HIa87cTFErHY8rhiCCgVXDmGz0QJ0esAGVJ4tzNJdW1CX3DAyU1oemGS8HltYVWugrvwRr4aoL1DQ5BO7v9xoL7Jc3LxKU4-UiGm_RvqkdZ1BAjjIqbXawVNo_ZYOjxzbat3Tx-nqUpNcNq2Yv2kAtNQRuz-W5otcsdVJ4xo5u6mKaNst8PIn0xa-ksLRougdEniOi-CYK_BPRhoK9b7pFFb6EY-a7EyF9Vbz5SxGfJrJ3BPLtKz75XOWeMob_1OedyJhubX8iyEquPWS6zq0coRdBvwRYlSYw4egqXTU77GLKIvIgZZnFSwCTEju29nV3z_EB96wLUv1uv1hViNr4t1dmUy-IYqO1RVrzi0bmWjtHrnLr_pAgUSiO416qUCj1RzD9dkMgs0ETLHLxu2bqieHJQTbp-UfsXYqVKzpZ5_kH6AEXktn8EcTNC5zgaBNUsBY-7B-Zx2h_cAxSjTcjDTkEoVqQlvro8xoscy5SNP72jce2iXf9t8Fu3IaIK_3wBH0WdB8E5Qrg0Y-bqyP1bl5xyR4RqSpnhlkDOgUAW0QgmhGmq1qoNMXilhvneWZNPQmgaLgamWCDer8n9gYl9Ckz-CqkskdgN865NF4fL2-e2Mc3Tlu14fSksAIumgPHBbTXqdhbcbXPThQfVV04meCz03K9-Xi5QDRKL0RYbrrA4PdMrezXyH0pin1ivHehIWbhiyWNWUvafviDf6mX_4KTIAhKNyBLl_51gkFq6if2J01reLFl1VMzCi6FFf6qod_QgIVOV3zseJASLfKeCswQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
imagesrv.adition.com/banners/268/01/22/b3/1e/ Frame 0151 6 KB
1 KB 24ms
24ms Document
text/html 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/zhanguoqiannian_dongtaiman-shidaimanwang
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5b9ddbdf4f19cb4f33744d3f6e3a35f56ad8f2a2c4c8c74071ae3032990872a3

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
content-length: 1109
content-type: text/html
date: Fri, 22 Dec 2023 06:11:53 GMT
etag: "1977438249-br"
last-modified: Wed, 13 Dec 2023 10:53:10 GMT
vary: Accept-Encoding

GET
H2 200 oba_priv.sjs Show response
imagesrv.adition.com/banners/270/ Frame 8FFB 2 KB
669 B 30ms
30ms Script
text/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7315297876062374922&btr=true&pos=top-right&cid=34720&aid=34720
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512080&bpp=182&bdt=247&idt=414&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320884&oid=2&pvsid=3610774700537060&tmod=1537661235&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ag043tua9fw1&fsb=1&dtd=417
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: ed57d561e7595b538a43cd374f083ea8ad7df59588b03be18dda484e1be0625f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
content-length: 609
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DD99 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 34319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Fri, 22 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AditionH5_ClickTags.js Show response
imagesrv.adition.com/js/ Frame 0151 753 B
410 B 25ms
25ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
last-modified: Wed, 22 Nov 2023 10:01:14 GMT
etag: "597418985-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 330

GET
H2 200 stylesheet.min.css
imagesrv.adition.com/banners/268/01/22/b3/1e/css/ Frame 0151 7 KB
2 KB 24ms
24ms Stylesheet
text/css 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/css/stylesheet.min.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: eaefa592663c92593430ad63502d671501fa8947c02d63ad42e0e25db919e837

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
last-modified: Wed, 13 Dec 2023 09:14:49 GMT
etag: "758076870-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1661

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/ Frame 0151 61 KB
22 KB 60ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js

Requested by

Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2005524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 22334
last-modified: Thu, 25 Mar 2021 07:56:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "605c4223-f455"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKr%2FcmxS6WraBuXSRZ83tcZH8wPblBPrHsjAXJpQHfitVGnJ07GhOc7Nh%2BAc8O1mDBneNDHwh%2FrZBgx2Uju55UcLTBGNhqZ7iHBokObvni%2BX7mYPAuh4E66cVWD%2BqUy69RYGMnx5JoTEI1hG20%2F5bO%2F7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 839635c4ec5901db-ZRH
expires: Wed, 11 Dec 2024 06:11:53 GMT

GET
H2 200 bg_1.jpg
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 4 KB
4 KB 25ms
25ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/bg_1.jpg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 953db07ea9fa323bee1041eaf95fa42a90866f77f584b2f4ec34175f2f9820c3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Wed, 13 Dec 2023 09:02:22 GMT
accept-ranges: bytes
etag: "2246782308"
content-length: 3917
content-type: image/jpeg

GET
H2 200 logo.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 2 KB
2 KB 26ms
26ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/logo.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: efb08ef4f0cd70649983ecb03951894f04d7233db1699b410c9b44249a002565

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Mon, 09 Oct 2023 07:47:32 GMT
accept-ranges: bytes
etag: "2095762189"
content-length: 2393
content-type: image/png

GET
H2 200 m_1.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 47 KB
48 KB 50ms
50ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/m_1.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 36fef9e80aa0fd980df7fcac8e0283632e986a75a20e9bdf2992cb48e18d6460

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Wed, 13 Dec 2023 09:02:22 GMT
accept-ranges: bytes
etag: "1502588344"
content-length: 48590
content-type: image/png

GET
H2 200 txt_2_1.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 979 B
1 KB 70ms
70ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/txt_2_1.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 09fe17742d40f75a1eb9abd39f3185ff4e8721685fe709be0b43236d139f36c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Wed, 13 Dec 2023 09:02:22 GMT
accept-ranges: bytes
etag: "1292380497"
content-length: 979
content-type: image/png

GET
H2 200 txt_2_2.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 666 B
718 B 34ms
33ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/txt_2_2.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 6ca1af1206a8d066057b98e75b300e8d7081120a3ccea4dcce21fc296cc98cd2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Wed, 13 Dec 2023 09:02:22 GMT
accept-ranges: bytes
etag: "3244322749"
content-length: 666
content-type: image/png

GET
H2 200 txt_2_3.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 1 KB
1 KB 35ms
33ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/txt_2_3.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 55fc45a46ac3493364495cf43f3bbbd244b635af093b73cd6d7159d1b125e1fa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Wed, 13 Dec 2023 09:02:22 GMT
accept-ranges: bytes
etag: "1473899337"
content-length: 1231
content-type: image/png

GET
H2 200 txt_2_4.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 873 B
925 B 36ms
34ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/txt_2_4.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 57f696705711f8657078df44292fb190c094c2e53d1557bb6b38e914d1df775f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Wed, 13 Dec 2023 09:02:22 GMT
accept-ranges: bytes
etag: "2726833059"
content-length: 873
content-type: image/png

GET
H2 200 cta__bg.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 284 B
360 B 36ms
35ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/cta__bg.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 4e9c063b1e5f983a5db2b4b79a4dc2433b5d0f819f082aa93c9272aa5ef257c2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Mon, 09 Oct 2023 07:47:32 GMT
accept-ranges: bytes
etag: "2530266109"
content-length: 284
content-type: image/png

GET
H2 200 cta__txt.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 900 B
975 B 36ms
29ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/cta__txt.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 594ba6116aa117a6e4a1d3ab5d543c1a4b793f31c8b07fcfb32289a1c5f5f6bc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Mon, 09 Oct 2023 07:47:31 GMT
accept-ranges: bytes
etag: "3390076610"
content-length: 900
content-type: image/png

GET
H2 200 cursor.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 457 B
532 B 57ms
20ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/cursor.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: d89af053267d4e7fd540efb1644477d56d03bdec78ee6ac865812b562a8fdde9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Mon, 09 Oct 2023 07:47:31 GMT
accept-ranges: bytes
etag: "1781069596"
content-length: 457
content-type: image/png

GET
H2 200 txt_0_1.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 1 KB
1 KB 61ms
24ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/txt_0_1.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 31f67846e30ad4343c55f38f62fd83e30ecdc44414a8c3fe93c564824c54bf60

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Mon, 16 Oct 2023 15:02:05 GMT
accept-ranges: bytes
etag: "2584362497"
content-length: 1389
content-type: image/png

GET
H2 200 txt_0_2.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 1 KB
1 KB 61ms
24ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/txt_0_2.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: ac439302b7c53baaf06a8e6cbaf9bf8798f15c1dc2002caca73c91c96d1e927d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Mon, 16 Oct 2023 15:02:05 GMT
accept-ranges: bytes
etag: "492469103"
content-length: 1051
content-type: image/png

GET
H2 200 txt_0_3.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 3 KB
3 KB 62ms
25ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/txt_0_3.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: ec779693b9bb1ab1a9c775188c095704fa564d18a339dc74bf74321cf9f9f7d3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Mon, 16 Oct 2023 15:02:05 GMT
accept-ranges: bytes
etag: "3034184542"
content-length: 2601
content-type: image/png

GET
H2 200 txt_0_4--1.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 1 KB
2 KB 62ms
25ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/txt_0_4--1.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 9b7b3356a9e9f16394497383ae6bcc1d460e8f7a499bc8432694f78067bcfd54

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Mon, 16 Oct 2023 14:54:12 GMT
accept-ranges: bytes
etag: "1650848551"
content-length: 1478
content-type: image/png

GET
H2 200 txt_0_4--2.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 1 KB
1 KB 62ms
26ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/txt_0_4--2.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 1f20928b3375b88687f9f3555c7fe3f010e2a42bafef4c0195e50e4fda8d203f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Mon, 16 Oct 2023 14:54:12 GMT
accept-ranges: bytes
etag: "3932008786"
content-length: 1167
content-type: image/png

GET
H2 200 logo_x--1.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 3 KB
3 KB 63ms
26ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/logo_x--1.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: e47fa5f6d76a39b08a4c59b4459509721c1039c9cc2ccfc2275424d8f90eee2b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Mon, 16 Oct 2023 15:02:05 GMT
accept-ranges: bytes
etag: "1738652372"
content-length: 2906
content-type: image/png

GET
H2 200 logo_x--2.png
imagesrv.adition.com/banners/268/01/22/b3/1e/img/ Frame 0151 2 KB
2 KB 79ms
24ms Image
image/png 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/img/logo_x--2.png
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 8fa59dac01976842c2efc18afe8e1a06d6d67e409b81df57fc59c262d06466cb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
last-modified: Mon, 16 Oct 2023 14:54:12 GMT
accept-ranges: bytes
etag: "801043932"
content-length: 2487
content-type: image/png

GET
H2 200 pvm.min.js Show response
imagesrv.adition.com/banners/268/01/22/b3/1e/js/ Frame 0151 15 KB
3 KB 33ms
32ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/js/pvm.min.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 136a6d1e42b2c6df423fad8e7c931084f049b846e98263a165f7667228349201

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imagesrv.adition.com/banners/268/01/22/b3/1e/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCfOuAqCiFZdjuI9iJ5LcPzbGR4APA8Nz0dKW5hfiQEve3vs%2DIChABINPLzjBg9YWAgPwDoAH39%2DmEKcgBCakCmehu2UZ3sj6oAwHIA5sEqgTuAU%5FQZYap4wOjhw6OZfyjW5ek0WlbAW9G8fT47Ml4xZZIY1ZosHctIg52SPmDxmL1WHp%5Fjez14FR3iJeGBhk9OLmJFUwQ%2DJj7dVDPBW6%2DpJbKNLMRY9s65PHX2Hu%5FH%5F42rn4lRTLNP7GZyOzkEKAMvZF4FqIAMsfns%2DEPL54%2Db4RoNvJOI5MrfrkvI5dcdl%2DuBQExzVs2OX%5FCyqflJqM8vOVN7stKU3diwqp6otHdfNr5tN9ScJtLastKGvwQKT%2DHxxByKED891mVL2oq9qSmJqkhroSmlavc5q04sJ1N002Z4Sr%2DeAho%2DOxVFugkTZLABJLM4I63BOAEA4gFvJrm5E2QBgGgBk2AB%5FevuuQDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiAYRABGF0yAooCOgSAQIBASL39wTpYtaqVvbGigwOACgOYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CQ0iwE4G%2DihbQEwDYEw2IFAPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FWWD4KqI5iBatyABp2nyfhBge2CDWmuVF%2D7djp2Q1UesePTD1GAE%26sig%3DAOD64%5F0DY5KJ%2D88bLOVxqRwOtfnRTzr%5FMg%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DAnZIJ9StspQ1LuV2WF71bwubmXyruQM0coYhU2mD%5FZtnwTvu%5Fthj29K%2Da3YUItVUb3Tfq2w6w0T5RLJqOq9x6LzfNbzuEBRIWv3XkIaZevtUHEw8ONzR%2Dq0M7NxgvmKn2aGEhV2Qi0pDmlPCPcGq%5FCNRKgYgmRSK4U8N4LRPJoM9qe1S8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DCDZqOSPI27vK3vWAf2LWS3ClYmBnww8IXJfk2laAMMK0PUb4sSwtyryANdRQZEYgR7HZQD7UaWwPIZi6n2poj9O9RPwrSaYJQo5voHiVbiTNDbJN1IMNrjyvT%5FBbJITVyi5Y2syY%2DTV5HJeBrEtvn7TSV3XfZAezmerAVV7kHes3QDTgfgjEgvjczVKr079jLF%5FmI7GKtIXF05X%2DMSbt0VNFV7L99800KJyBmr%2D67fFFrgbjCqKsyhAkISTLJvOQmwDPj0%5Ft1psEdeddbyC0439srWvhleG0cruZOgLDrk3UvsJpHSAWhXlObTvgBJ1rXUE6n9FggQEIRfNjnMwkoo577dTmnlmmjlx2ZdZipOtgGisXEaNy%5FRSXJK0j7LQaI4e7MtXJAVjwDPsOXsVzpQ%2DXGVzIhrHE6NSKKgQjbwwnIbxUzNFYGOMRuNp3F0jmUaVsCfp3VLRMQs0ff5bOspikGirBRoPMpU420eeCMNuahLCAsMRDE7jPLqWnfVYIo%5FApJxpBmfwUCDg9sBHY7JC0lY9kv5GGGRPAN5fya0vqAyHx5RW8%2DwqTZydjht3ijOnahT%26adurl%3Dhttps%253A%252F%252Fad4.adfarm1.adition.com%252Fredi%253Flid%253D7315297876062374922%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D5158023%2526kid%253D6294036%2526bid%253D19096890%2526c%253D36356%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253Dhttps%253A%252F%252Fad2.adfarm1.adition.com%252Fredi%253Flid%253D7315297876063685389%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315297876055818599%2526sid%253D4847839%2526kid%253D6274928%2526bid%253D19051294%2526c%253D58828%2526keyword%253DPACS%25255F5158023%25255F19096890%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
last-modified: Wed, 13 Dec 2023 09:14:48 GMT
etag: "3045022012-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3003

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD99
Redirect Chain

https://aep.mxptint.net/sn.ashx?google_gid=CAESEH9eJ9yag8xzOnLrb8cv2g8&google_cver=1&google_push=AXcoOmTodeHxXlPyX4CgRddwfsUXMANoAL1ph5l6KWm3wt9fXgInu7MEGuR6uTtgPwoDehrf5KmPlTw3de0NYeakuyeFqcUdnXSt...
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTodeHxXlPyX4CgRddwfsUXMANoAL1ph5l6KWm3wt9fXgInu7MEGuR6uTtgPwoDehrf5KmPlTw3de0NYeakuyeFqcUdnXStdk3Ws6tXU7evSko_aElCYq6UGLL...

170 B
188 B

32ms
32ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTodeHxXlPyX4CgRddwfsUXMANoAL1ph5l6KWm3wt9fXgInu7MEGuR6uTtgPwoDehrf5KmPlTw3de0NYeakuyeFqcUdnXStdk3Ws6tXU7evSko_aElCYq6UGLLfMCFJyZoQdRPunPHKmI_0yP01Pj9c&google_hm=UjM1Q0E5XzEwRTEzREJGOV9DMERGMUVFQg%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmTodeHxXlPyX4CgRddwfsUXMANoAL1ph5l6KWm3wt9fXgInu7MEGuR6uTtgPwoDehrf5KmPlTw3de0NYeakuyeFqcUdnXStdk3Ws6tXU7evSko_aElCYq6UGLLfMCFJyZoQdRPunPHKmI_0yP01Pj9c&google_hm=UjM1Q0E5XzEwRTEzREJGOV9DMERGMUVFQg%3D%3D
Date: Fri, 22 Dec 2023 06:11:53 GMT
Cache-Control: private
Strict-Transport-Security: max-age=-386230313; includeSubDomains
P3P: CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length: 402
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD99
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFPZ_e535nRc4pcElDajxnU&google_cver=1&google_push=AXcoOmSUcXpN51I9zVP5VA9neZAlDwkdnz4Pase7p40Of6r4LEbwASzTOQG0BB9Q6ukHqf1lSGJr_yu...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEFPZ_e535nRc4pcElDajxnU&google_cver=1&google_push=AXcoOmSUcXpN51I9zVP5VA9neZAlDwkdnz4Pase7p40Of6r4LEbwASzTOQG0BB9Q6ukHq...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=WR1hCbgHQvCgD576pjTb_WWFKKk

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=WR1hCbgHQvCgD576pjTb_WWFKKk

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=WR1hCbgHQvCgD576pjTb_WWFKKk
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD99
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q_YMHESaQISetESIuZ0S1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q_YMHESaQISetESIuZ0S1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQfJnld5Rxs6s3ge0pYu1mtMza-crxE1ncvArbcaCuOrVHHQDRQ4St5rdL3IIJSkAyoHyoP5dUGgGCAA80fAJ0P7Hin_hHoxxfOkSboau-le9cUGL4MjySfL3WLI9eBv47rttzVbMgnCuh0kN92yvsS

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=q_YMHESaQISetESIuZ0S1Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQfJnld5Rxs6s3ge0pYu1mtMza-crxE1ncvArbcaCuOrVHHQDRQ4St5rdL3IIJSkAyoHyoP5dUGgGCAA80fAJ0P7Hin_hHoxxfOkSboau-le9cUGL4MjySfL3WLI9eBv47rttzVbMgnCuh0kN92yvsS
date: Fri, 22 Dec 2023 06:11:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD99
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGjNZ9QPP2cYtl68F2QuOAc&google_cver=1&google_push=AXcoOmR8JwstpFNSZfSHe0roqzdP8BpQtVALBzmuDx247BPMZV-u43MbjlcgrUMbWgJRPxJg0xb8BR3AQXGV...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR8JwstpFNSZfSHe0roqzdP8BpQtVALBzmuDx247BPMZV-u43MbjlcgrUMbWgJRPxJg0xb8BR3AQXGV3AtNIgfWlS9pKSkrULiPbMny0gC7ttjvnBN-...

170 B
188 B

30ms
30ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR8JwstpFNSZfSHe0roqzdP8BpQtVALBzmuDx247BPMZV-u43MbjlcgrUMbWgJRPxJg0xb8BR3AQXGV3AtNIgfWlS9pKSkrULiPbMny0gC7ttjvnBN-Sa2DrENcd_HkhE583vMuN7T1CWVmi0woXtII

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR8JwstpFNSZfSHe0roqzdP8BpQtVALBzmuDx247BPMZV-u43MbjlcgrUMbWgJRPxJg0xb8BR3AQXGV3AtNIgfWlS9pKSkrULiPbMny0gC7ttjvnBN-Sa2DrENcd_HkhE583vMuN7T1CWVmi0woXtII
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD99
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEAUCqPAmtbJsBEY1iivz-5E&google_cver=1&google_push=AXcoOmQ4j_CLi2ZjTKS3JvmjDNnqh8hlk78TmTd7fSi19LO43UJgvx7uLwalP7mvIGz2U9QzJcI3-...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEAUCqPAmtbJsBEY1iivz-5E&google_push=AXcoOmQ4j_CLi2ZjTKS3JvmjDNnqh8hlk78TmTd7fSi19LO43UJgvx7uLwalP7mvIGz2U9QzJcI3-...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQ4j_CLi2ZjTKS3JvmjDNnqh8hlk78TmTd7fSi19LO43UJgvx7uLwalP7mvIGz2U9QzJcI3-qklVx7cqsKcWzPflLYv9wfV9-msGRLEfHHADcyznbEIasIdbD2...

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQ4j_CLi2ZjTKS3JvmjDNnqh8hlk78TmTd7fSi19LO43UJgvx7uLwalP7mvIGz2U9QzJcI3-qklVx7cqsKcWzPflLYv9wfV9-msGRLEfHHADcyznbEIasIdbD2CFfIzVz5KOUw9mMqespRiMUdqjKCEJQ&google_hm=X25PX3hYMm9lbG5ValR6b0Y1ajg=

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 06:11:54 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQ4j_CLi2ZjTKS3JvmjDNnqh8hlk78TmTd7fSi19LO43UJgvx7uLwalP7mvIGz2U9QzJcI3-qklVx7cqsKcWzPflLYv9wfV9-msGRLEfHHADcyznbEIasIdbD2CFfIzVz5KOUw9mMqespRiMUdqjKCEJQ&google_hm=X25PX3hYMm9lbG5ValR6b0Y1ajg=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 298
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame DD99
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEOZ9r5_fCSS0...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZjUzYTcyNDYtZDM0ZS00OGE5LTk3MDktZWZhMDI1N2Y1YzVm&google_push=AXcoOmQJPXmfNbsbbSqnARXyBT6JDxQoYV3qY53ZY4EPjH9JezlpNbEdsDaD8ur0fOQmi...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

51ms
51ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703225512080&bpp=182&bdt=247&idt=414&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=3925&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1520562853&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320884&oid=2&pvsid=3610774700537060&tmod=1537661235&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ag043tua9fw1&fsb=1&dtd=417
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 22 Dec 2023 06:11:53 GMT
pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD99
Redirect Chain

https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEPK2VPmsjB8ZP63LM8pmSP4&google_cver=1&google_push=AXcoOmSPdYh287Qd3GVuvtG0Sl1R2TKFhBBhpxMH4kROj2qg7CcgSRpCXZuq_ar6pfQaB_pu1NEKyPTVCOwOrFOQQmcYC-...
https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSPdYh287Qd3GVuvtG0Sl1R2TKFhBBhpxMH4kROj2qg7CcgSRpCXZuq_ar6pfQaB_pu1NEKyPTVCOwOrFOQQmcYC-Y3gfmhz9dP579sU_DCXJTdWspvKRke3dKK...

170 B
188 B

28ms
28ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSPdYh287Qd3GVuvtG0Sl1R2TKFhBBhpxMH4kROj2qg7CcgSRpCXZuq_ar6pfQaB_pu1NEKyPTVCOwOrFOQQmcYC-Y3gfmhz9dP579sU_DCXJTdWspvKRke3dKKXne5CMWpYxD7eVCN-Fe3j603xAfx

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 22 Dec 2023 06:11:53 GMT
strict-transport-security: max-age=2592000
server: nginx
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
content-language: de-CH
location: https://cm.g.doubleclick.net/pixel?google_nid=1371970550&google_push=AXcoOmSPdYh287Qd3GVuvtG0Sl1R2TKFhBBhpxMH4kROj2qg7CcgSRpCXZuq_ar6pfQaB_pu1NEKyPTVCOwOrFOQQmcYC-Y3gfmhz9dP579sU_DCXJTdWspvKRke3dKKXne5CMWpYxD7eVCN-Fe3j603xAfx
x-yak-request-id: 1703225513903-903930daaa484eb7831b25773d9a8732
yak-timeinfo: 1703225513903|2
cip: 176.10.106.9
alt-svc: h3=":443"; ma=604800
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DD99 0
12 B 30ms
30ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYLFAFzkPKSVrjCJQofYU_QlXaVzV3lifrZkMIm9Tx_CWgOVY-NspyD3E-hqv3RJ05WZTZkJik

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adplayer_privacy.sjs Show response
imagesrv.adition.com/js/adplayer/ Frame 8FFB 20 KB
6 KB 69ms
69ms Script
text/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7315297876062374922&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/270/oba_priv.sjs?oba=&domId=obaButton_7315297876062374922&btr=true&pos=top-right&cid=34720&aid=34720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 806a1e163beecb7b187585bd8b8f042a1c66822d91f87b854f81895baf18852a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
content-length: 6039
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 adplayer.min.css
imagesrv.adition.com/js/adplayer/ Frame 8FFB 3 KB
998 B 47ms
24ms Stylesheet
text/css 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adplayer/adplayer.min.css
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/js/adplayer/adplayer_privacy.sjs?oba=0&domId=obaButton_7315297876062374922&title=PIA+Advertising+GmbH&text=nutzt+u.a.+die+ADITION+Adserving-Technologie.+Mehr+&url=https%3A%2F%2Fpia-advertising.com%2Fopt-out%2F&linkText=Informationen+zum+Datenschutz%2FOpt-Out+&pos=top-right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
last-modified: Tue, 30 Oct 2012 15:33:13 GMT
etag: "524465627-br"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 918

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5EC1 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvACIy1DwaqVNwoW1jIftdHaARcosyNEssGL7-kMLBORST8IUOAy71q2RHUvVdS_cOhQgGXpaFjR5T38wU7WNhNUYuF05XNFR8z3NLAGlxHh1Sjv6QY0XN9sABLH1CtxMBaXXKfJTouF-jfUirRLiwlCaizF7ZzluvAJxxRJxe7sdKKI_G40XvFm7RKFNo7e5gb-Bq47ezB_z09u6vDRdDubyCU_G1oD_Mgfayc0RkarGbWalrRKQ4iI8FE9GnPkAp80Oys0ME4KxNocZtYVnbO1kEK5wZwm6WaAuieBesQZVf5KL1PHbBs_V0resS4-D8P0LKPwSSnZnkk34F97-lEIbkifb666E_gaiHtjrjaDGP2IHS-ibz5GE4jsIxIxEsVG6hulMZv_IAnr_6C94&sai=AMfl-YSIBoJuxiMJtEu-BLsmlr1WsJ4v3MYObNuFtn4H_ngkdjtU89I8mwI8aceVL2d_k2SNEyfKSU5_R-Foj1o&sig=Cg0ArKJSzNt5DsWnI6SZEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 06:11:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5EC1 16 KB
12 KB 70ms
70ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e05770121bbc89182fd5212edf5b0ff81aec17671df965bc06012ed9477cca4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12142
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5EC1 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 06:11:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0626 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 33005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 21:01:48 GMT
expires: Fri, 20 Dec 2024 21:01:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 38AE 829 B
559 B 31ms
31ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c1eeddf4dff3661847a222c7e10ce21808b13f80915ca71fa51d2efff4fcc88

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--oZsCx8vdQFcyoXskx-3XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--oZsCx8vdQFcyoXskx-3XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 06:11:53 GMT
expires: Fri, 22 Dec 2023 06:11:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0626 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 38AE 0
0 55ms
55ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3610774700537060&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0626 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C3Ud1w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 06:11:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 516A 0
0 59ms
59ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3442845709498204&bg=!rK-lr-DNAAY3kmNgF5I7ADQBe5WfODBJBvJP7udmJ9_KtNyH8MJCEnwEAdwnuYz4rdfGDe4wtc7gBMNeObZRwCwQWp7vAgAAAC5SAAAAAmgBB5kDEfVNa2OYRxRHlKVMU4N0VCIACNyQ2pK7mKydXaGX4nWoiHQD4jfp-P_rstw3NBsO9cFU9UiXntx9mI5FTIpMBTy-qkvVTF9GUo7OXk1BL2aucYV8DaMOVdcoSgeNIXGtNu0-tuuF15sb5NrC03dPweYNeGbzsho2auY56KW91gYFZOD5JR77VYmiUPwkNHR3QXWUeztjuAZ0TBCeJUmADS2W9uQRpnRbUBkAp_0LR9PaXpQ_zXVkQU_uJRYzpYMadbnPUNTD_ImIMMxH7ZDrxJS3Eo4W7DFDCEGcIzVorRs0Ydn6A__4Y2EGF0dS_JxxvL2F3UoJ8n4CqsozKQmNG0TBzyDhQopeim4grqYHnG89nkGKiO910KTDN3zxO9tdr0gWE9RrHbFsH6A7sa5Qy7LXwGRMF8UyFUgoCVlbAQKeqOFAnE63_Ge-wMr4gqQK9rkfnzySRAmKR2yFFBJ1AslVk1PZT2Q3D4mGhQDoClsPaHyT0YrsEX5camazXwDOer8gss4OEoDxkQej8tO41dJ_cDptt4LJZSGDfCCCP4c_xM-R6yXSp6ZezWSOZwTg2s5IZAqlGb8iUFgaC7l216H-ss7IMskAzxCZ5KibA00uUG6pnzw1QM216ziN6BjKBS4VDAl2YlehTzucU_nNPxCKwbr8mk4vkTfqR5YM81qKxZlF56WZeObbO5hUkIUn8qZryCl9yfvTzUn2WpYpXLdLc_3iAZmCWBiUELmVlbuP-QcodahpktHirKGlusjPu-Qpt1abkD1UPwpe8TJfp5TKSyWHsD9G30WSROslPj08aSVgJA07c83C-N-c9oFww6dCsNoG4LRO8ZISkePFZfM5nKv_hwbTqem7TLA0Hf8NmJGstT3e8Pe2k6jZGGvm2h4YSo4VIYs1yQ-o7OtVfhfQzMbzj2LpKpXHs8FxXfLZKLVd2iQCRIi8pnq42-NDoeQXTkOQpKBdSXloNGwCEagpsExKOUjVOXOV0AjJztkCN250lbt3CtUNQ0fYvsmjyUe6JkV_Wm14P8TCDUVN250g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E025 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2465509911556&version=m202309260101&ct=2&x=1&cor=14309667913922925000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5EC1 0
0 57ms
57ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3610774700537060&bg=!lZalltnNAAY3kmNgF5I7ADQBe5WfOCTiaHo-282XfV0SA0uu-ICAnnHVEMTLWBL1xbKyYvEwRs0zFLj63ZWBoh9jAOXwAgAAADZSAAAAAmgBBwoAIcvei5d2UmEr_aR1OTQCb28Kl7orhGwfHg8Yb2CFR_41rZkDBrwULBTsQ6UPS7UpPPqgXgVEBD9k8mrZSqCiYocNE6gYBGVHIUEot7_nrmSXUNDr7h2I-zvwfpzKupW_yi3lGSChinjvrEaPHHmcoabXrTZATjbRKm3AMaziBB6VOSdYQj5B5fnBgqlVx4cQQCDGJUDpg52P7d8n1hHmjt8jECJkY1z8YZpFbclHgKtoHMVKNDVG_lnQZ1G7IfFPbOUKCGxWIEJ1JPb-VsaGyW5o-1PDZBx99rwLXwVJDRXCob3exDde5DNbhS3F56L1N2_4fYUpxSf_M25I09AJiqLsPbTJputBm7Czha1rlulhv73Fq0vogE-tvzi1b-2lDcWVRVw1gPFjtcyl3j0QtnBTpKDqBxW0erOaVO3pBJ6nB_xa3JhPWXgrp3he9vFLPKcm2FdOzytO-8IAbHMOpm2EzKHA6w9enP07yhKgKUyy1evTByObiZWpEuyiOGRxG7cd6d_nJd543N3ouOsCyKUzVfSSNq9adzha88pA-veSQDt4Pq10LBTVfeTPAWp7fOHVT0KHL06mr3UkqXMPPzion0VLygg1N3kmeQcL01xQmrFp0jdIUclMiCBltXcHzdbaytffFqUcYwillhPxmE42vwLfsK7I83LOIBFGNJ1DxG77hAu3GGSX4D1ZNsXvrokPCVlFmdq9udWL6KDQmrTOFHkODVo1rbPcZWPzfWdcTrD1BAiw8ARs5dYXBrmFKZtbZwBlMFDEpUganJ9-TxCgoNjxD4K1eg_npOkY4DVKvIR0XtvIBz1za3yLFSQzuXYq6OpoMq7vnJllfq2FezEiltru3RaYU5Ra_O_6SOsJQreGK6jcv_v31NOShLUeXO7sgY59pRfIBcucw5tD_GOPN3jvz1al6rih3PAXSB9ezZS_Mr2s6bOek9atliYrCh3SNd45IPrzbvainYuVjrbVKirbAyzq0i_b1Y2tXREkPi_XAK4HInwUQnk42P0mVD1aAuBzgtoMLk4lDjXfBA4Fi4HNkJdbIu8ICjJnoyfhn9tz_aYZjLjqBA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FFB 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4310534707219&version=m202309260101&ct=77&x=1&cor=1003283668693038800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 06:11:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statcounter.com/	1970-01-21 02:43:05	Name: is_unique Value: sc12916097.1703225509.0
.statcounter.com/	1970-01-21 02:43:05	Name: is_visitor_unique Value: 1703225509274628440
.xgcartoon.com/	1970-01-21 01:52:41	Name: _ga Value: amp--LHbvC8WSEEUj3LBsvPjnA
.doubleclick.net/	1970-01-21 02:43:05	Name: IDE Value: AHWqTUk-Pr-BpifdRenHJFtO5UGxDO0PMrIIuJNRotwcXw6BDbuke1YveukYNebyg3k
.casalemedia.com/	1970-01-21 01:52:41	Name: CMID Value: ZYUoqRBdT.1sB-VDBam2PwAA
.casalemedia.com/	1970-01-20 19:16:41	Name: CMPS Value: 3267
.casalemedia.com/	1970-01-20 19:16:41	Name: CMPRO Value: 3267
.adfarm1.adition.com/	1970-01-20 19:16:41	Name: UserID1 Value: 7315297876055818599
.openx.net/	1970-01-21 01:52:41	Name: i Value: 4cca0e17-0227-466b-b7d1-c13bf90f4085\|1703225513
.adnxs.com/	1970-01-20 19:16:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>9iI6Go!]tbPl1M>e)ZlrFUfJ+tGXxo3@l=w#Dw_f%:bFMXS/<)nCCuImYvp05?vE3I3If)y3KL9D3I?+GKW_2>
.adnxs.com/	1970-01-21 02:43:05	Name: XANDR_PANID Value: Jq850x7O1_FPjylK02ANIBt5RXPo4CsUD_CxI3KT3IgU7zcVuG7Ix58Mfg6DK42L6-G3QbhpJ0Ca1Sb-ib-K_lY7wB-i0gKditDvMfolSVE.
.adnxs.com/	1970-01-20 19:16:41	Name: uuid2 Value: 3559352950649299404
.adform.net/	1970-01-20 17:51:43	Name: C Value: 1
.teads.tv/	1970-01-21 01:51:15	Name: tt_viewer Value: f53a7246-d34e-48a9-9709-efa0257f5c5f
.1rx.io/	1970-01-21 01:52:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3537fe66-98de-46db-890f-c33adb885f0e-003%22%7D
.adform.net/	1970-01-20 18:33:29	Name: uid Value: 6876405528533120430
.smartadserver.com/	1970-01-21 02:37:19	Name: pid Value: 3038740223457710904
.adfarm1.adition.com/	1970-01-20 17:07:07	Name: lv_6294036 Value: w=5158023\|t=1703225512
.doubleclick.net/	1970-01-20 17:50:17	Name: ar_debug Value: 1
.targeting.unrulymedia.com/	1970-01-21 01:52:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3537fe66-98de-46db-890f-c33adb885f0e-003%22%7D
.adfarm1.adition.com/	1970-01-20 17:07:07	Name: lv_6274928 Value: w=4847839\|t=1703225513
.mxptint.net/	1970-01-21 02:43:05	Name: mxpim Value: R35CA9_10E13DBF9_C0DF1EEB.1.658528A9
.sitescout.com/	1970-01-21 01:52:41	Name: ssi Value: 591d6109-b807-42f0-a00f-9efaa634dbfd#1703225513792
.sitescout.com/	1970-01-20 17:50:17	Name: _ssuma Value: eyI2OCI6MTcwMzIyNTUxMzgxOX0
.pubmatic.com/	1970-01-20 17:08:31	Name: KTPCACOOKIE Value: YES
.zemanta.com/	1970-01-21 01:52:41	Name: zuid Value: _nO_xX2oelnUjTzoF5j8
.pubmatic.com/	1970-01-21 01:52:41	Name: KADUSERCOOKIE Value: ABF60C1C-449A-4084-9EB4-4488B99D12D5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a008a4fbf869f1ee669ba85827224aa3.safeframe.googlesyndication.com
ad.doubleclick.net
ad2.adfarm1.adition.com
ad4.adfarm1.adition.com
aep.mxptint.net
b1-eudc1.zemanta.com
b1sync.zemanta.com
b1t-eudc1.zemanta.com
c.statcounter.com
c1.adform.net
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
dis.criteo.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
imagesrv.adition.com
obs.cheqzone.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
region1.google-analytics.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static-a.xgcartoon.com
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
widgets.outbrain.com
www.google.com
www.googletagservices.com
www.temu.com
www.xgcartoon.com
zem.outbrainimg.com
104.18.36.155
104.20.95.138
104.75.89.75
142.250.181.226
146.75.118.132
169.150.222.217
172.217.16.130
172.217.16.134
178.250.1.9
184.30.17.67
185.64.190.78
185.89.210.101
185.89.210.153
20.123.110.224
2001:4860:4802:32::36
213.227.153.222
213.227.153.223
217.79.188.11
217.79.188.21
217.79.188.46
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2606:4700:20::681a:2f3
2606:4700::6811:190e
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2006
35.244.159.8
37.157.4.28
38.68.201.140
46.228.174.117
50.31.142.31
51.89.9.252
81.17.55.171
98.98.134.242
0066af0a1531ed3f4eca86579c9590e93f944019fa1ce576b032167724f400f0
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0980710eec750d23efdab8ccc9eb5c98fb66bf99e93c30978fc24b0620a52f28
09fe17742d40f75a1eb9abd39f3185ff4e8721685fe709be0b43236d139f36c5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
10c13c109e71440224065f3ee9479eb757a0caa5e3017a6c590fbc0713ed42f0
136a6d1e42b2c6df423fad8e7c931084f049b846e98263a165f7667228349201
17503ee94d49cac5f87a78b0997d82a4e5d93fdbf77ef70a0259d8bd88f6e705
1d1980b2ff1c1bc1d1a109f41807602e60ffb9d741dd2d20ebdf818b785b0891
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1f20928b3375b88687f9f3555c7fe3f010e2a42bafef4c0195e50e4fda8d203f
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20223ce609303fdb2389120e6975c3703232dbb0b799df76b2c8e222d9268c41
24d18bcf8211d5ae00302987ae9d022aa37207d9adf7209fea35a98b52612c4d
24e2232201bc32c8eb9948db92ec5630c44d3319f063b36e79fb68976d040677
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2be10f8e6576c077fa7ce16d275477d11bcaeec29bc15935c24f9ca2de8083d8
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30c4fc15a8b0bac73837553338c75817a9730aa37c2669f36ef82b541c8c8956
30ecbf2238529e1d5983e14e4d2494f39ae1858be1e5de4762e929750b614936
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f67846e30ad4343c55f38f62fd83e30ecdc44414a8c3fe93c564824c54bf60
32014a7e2bd846960c3b0307c8ec9e3d8311b651f12d75c9aa932ffd2c7a497b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
346a87c57a3b283da261239a4f85e76820fd736db2259622e3c7eceddb76b5cd
36fef9e80aa0fd980df7fcac8e0283632e986a75a20e9bdf2992cb48e18d6460
37b0db1ebc7324b38fadba0ac2e611678acbfa87801103a2afc58ca1f429f2a6
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c1eeddf4dff3661847a222c7e10ce21808b13f80915ca71fa51d2efff4fcc88
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
3e8c7f5e1e7fd1d4c13f6f8efe29573fa84993f0cd6a96e38045ba1ae605b1e9
3fcd383e6015bf95bfb9806633d3b90528f4ace6812623ed87cf1ae12380398e
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
45dc5467396c7907b5b695e08722a97ef3ba6b6abb94de8fa75f54ce13502d7c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47741202325fba0bd94f3ef3ba2a3386d42271ece349cd393cb72fd6928d2d3f
485be496b6aa2efdab4ee11dc23d7058a67b1aa4838060768c180bba325110b7
497b9c3ec4bede53c91ea2ff2054bfd480f7b6d9f9356ad35e2bc4fb1d25937d
4af1b5f4398ffa034c2ad05c91747949acffdfec6ba427b7c4f6f599ac8e06f0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9c063b1e5f983a5db2b4b79a4dc2433b5d0f819f082aa93c9272aa5ef257c2
4fe3c645c964ea2dd1f79f5d41d0bd49565341245ae02452546215712cd50e5e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55fc45a46ac3493364495cf43f3bbbd244b635af093b73cd6d7159d1b125e1fa
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
57f696705711f8657078df44292fb190c094c2e53d1557bb6b38e914d1df775f
585859b53974febb758fb3d75773d8b724b2dd51ce864155a7331878ac1e674e
594ba6116aa117a6e4a1d3ab5d543c1a4b793f31c8b07fcfb32289a1c5f5f6bc
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5b9ddbdf4f19cb4f33744d3f6e3a35f56ad8f2a2c4c8c74071ae3032990872a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6ca1af1206a8d066057b98e75b300e8d7081120a3ccea4dcce21fc296cc98cd2
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
755cd97a3391b8d851c7b57294d60c0f2166071ff147f058829b47551d1e0f4b
7b023f0d19978e317e8741914f1f87dee1f79b9add3254abea78e07899678ffa
7d43d185437c15e3182b51d54fb7c1e8095a27d82bf2e65ebc68c39782a1746e
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
806a1e163beecb7b187585bd8b8f042a1c66822d91f87b854f81895baf18852a
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
86d45e218fa301b4e1f81d6ecad50c1a8f847e669aa2d9c91f0b487ceb56b67f
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8f43a30f00a2ddcafd222f6f0f53043d1ea97c7fdf2ab1f56a548f0b96328a07
8f525c8a1e0f49d618f5ed59753c69909674a918c173c70ec2ac5b86b227146c
8fa59dac01976842c2efc18afe8e1a06d6d67e409b81df57fc59c262d06466cb
953db07ea9fa323bee1041eaf95fa42a90866f77f584b2f4ec34175f2f9820c3
968659ae88a758f81820dcea6c35acc77c0796eb1f2a4ab05f557458b357b90e
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7b3356a9e9f16394497383ae6bcc1d460e8f7a499bc8432694f78067bcfd54
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9bf1c654a10a7fdd2d0332b5bf36243196745fff286b17744a356e3a9576871e
9d94fbe1f6076904619a993982d9d26ad6f865e69ae4cf38d1289bc8ed0fc6c2
9ecba293bbe768ad2ed68b2ebf4c8005b461ec9931529b164ecdd24b95c4eb1c
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a7f6920b1216faae12808a2e64ba3b1b4eef43e85fb3bb52d964dff2a5386c21
a9b4ab467cb9a01f083b4fd37b808ea5797f28acfaa15516286e1701ecd1656a
abee69f8e19beceb0686062f34822a7bcc3df5bd8037e4de7b485a368369beb3
ac439302b7c53baaf06a8e6cbaf9bf8798f15c1dc2002caca73c91c96d1e927d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
be84a66669bfea469df00fb17cdbe0b0b8c10abab7c43c324125aebbd0a65a75
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c28e20f7a454f88927bb699b98e9cda962757250cb0e6243877ef10dcf86249d
c74738cf4a920f226e5bba15a84fd44eff55a9f4eca98399ca44ad5a25add5a5
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
d89af053267d4e7fd540efb1644477d56d03bdec78ee6ac865812b562a8fdde9
dc1ca4850a9ee967d6ebcb561007bdea073f8380ae5a0a4f634945e3f9b59b87
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e05770121bbc89182fd5212edf5b0ff81aec17671df965bc06012ed9477cca4a
e192a14be7d5b9bf6b3df8e6c7e1b05eb683de4a8824ba4c32018cd7e9a431d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
e47fa5f6d76a39b08a4c59b4459509721c1039c9cc2ccfc2275424d8f90eee2b
eaefa592663c92593430ad63502d671501fa8947c02d63ad42e0e25db919e837
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec779693b9bb1ab1a9c775188c095704fa564d18a339dc74bf74321cf9f9f7d3
ed57d561e7595b538a43cd374f083ea8ad7df59588b03be18dda484e1be0625f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb08ef4f0cd70649983ecb03951894f04d7233db1699b410c9b44249a002565
f95bf3d9ca94a417eab8cd36c998a5d35392e917c2080182ee5ec206ef6fe3d7

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

206 Requests

91 %HTTPS

33 %IPv6

29 Domains

41 Subdomains

31 IPs

9 Countries

2782 kBTransfer

6953 kBSize

27 Cookies

1 Outgoing links

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

91 %
HTTPS

33 %
IPv6

29
Domains

41
Subdomains

31
IPs

9
Countries

2782 kB
Transfer

6953 kB
Size

27
Cookies

206 HTTP transactions
12 data transactions