www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Submission: On September 19 via api (September 19th 2023, 9:33:29 pm UTC) from US — Scanned from DE

Summary HTTP 215 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 10 countries across 36 domains to perform 215 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on September 14th 2022. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::6816:2f93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 28	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:8200:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:f400:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
24	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 16	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	18.197.176.130 18.197.176.130	16509 (AMAZON-02) (AMAZON-02)
3 3	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2600:9000:211... 2600:9000:211e:8600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.187.157 35.214.187.157	15169 (GOOGLE) (GOOGLE)
1	35.157.117.145 35.157.117.145	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2 3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:cdf9:6ebb:c08d:dd	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.43.142.172 13.43.142.172	16509 (AMAZON-02) (AMAZON-02)
215	37

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:2f93 (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:8200:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:f400:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (Mumbai, India)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 216.58.206.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.176.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-176-130.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:8600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.187.157 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 157.187.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.117.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-117-145.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:cdf9:6ebb:c08d:dd (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.27.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.205.163 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.43.142.172 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-142-172.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169 81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com	691 KB
50	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329 ad.doubleclick.net — Cisco Umbrella Rank: 180	667 KB
28	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29602 ad4m.at — Cisco Umbrella Rank: 10446 assets.ad4m.at — Cisco Umbrella Rank: 38846	2 MB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	251 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com — Cisco Umbrella Rank: 680248	445 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	511 KB
8	google.com www.google.com — Cisco Umbrella Rank: 11	4 KB
3	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 146856 static-de.ad4mat.net — Cisco Umbrella Rank: 189372	4 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1153	879 B
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1171	2 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 614	436 B
3	w55c.net cti.w55c.net — Cisco Umbrella Rank: 4390 ads.w55c.net — Cisco Umbrella Rank: 18839 i.w55c.net — Cisco Umbrella Rank: 2963	33 KB
2	webgains.com track.webgains.com — Cisco Umbrella Rank: 44441
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16620	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 954	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 51511	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637	529 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 178
2	gstatic.com www.gstatic.com fonts.gstatic.com	49 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 106268	494 B
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 42019	466 B
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 76385	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 70859	330 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 70307	184 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1029	236 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783	755 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1260	463 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1499	413 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1092	235 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164	586 B
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 192863	928 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1878	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 12701	468 B
215	36

	Domain	Requested by
31	pagead2.googlesyndication.com	e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net www.xgcartoon.com 81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com tpc.googlesyndication.com 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
30	tpc.googlesyndication.com	e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com securepubads.g.doubleclick.net 81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com tpc.googlesyndication.com 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com googleads.g.doubleclick.net www.xgcartoon.com pagead2.googlesyndication.com
28	securepubads.g.doubleclick.net	1 redirects cdn.ampproject.org e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com www.xgcartoon.com securepubads.g.doubleclick.net 81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com www.googletagservices.com
16	cm.g.doubleclick.net	1 redirects bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com www.xgcartoon.com 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	assets.ad4m.at	as.ad4m.at
12	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
9	www.googletagservices.com	e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com 81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	ad4m.at	as.ad4m.at ad4m.at
8	as.ad4m.at	bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com as.ad4m.at googleads.g.doubleclick.net ad4m.at
8	www.google.com	tpc.googlesyndication.com 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com googleads.g.doubleclick.net
6	e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com	cdn.ampproject.org
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	onetag-sys.com	2 redirects googleads.g.doubleclick.net
3	image6.pubmatic.com	3 redirects
3	x.bidswitch.net	bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	track.webgains.com	as.ad4m.at
2	ad.doubleclick.net	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	ssum-sec.casalemedia.com	2 redirects
2	prod-rtb.ad4mat.net	bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	um.simpli.fi	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	match.adsrvr.org	bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
2	bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.googleadservices.com	www.xgcartoon.com
2	497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.conrad.de	as.ad4m.at
1	pv.medialead.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	rtb.openx.net	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	cms.quantserve.com	497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
1	i.w55c.net	497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
1	csync.loopme.me	1 redirects
1	s.ad.smaato.net	bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	t.hspvst.com	497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
1	ads.w55c.net	497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
1	cti.w55c.net	497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
1	fonts.googleapis.com	e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
215	51

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G2	`2022-09-14` - `2023-10-16`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
ads.w55c.net Amazon RSA 2048 M02	`2023-07-19` - `2024-08-16`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 35 frames:

Primary Page: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Frame ID: 1C1BBC37BF79796095A5A53441CC4670
Requests: 38 HTTP requests in this frame

Frame: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: AC79ED958A31FB6F83FF0C15B3C8641D
Requests: 11 HTTP requests in this frame

Frame: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: E5E131DC200A82B07F9F084F38F8E46D
Requests: 10 HTTP requests in this frame

Frame: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 490ECC876B0073B45DFD5758EE9238B1
Requests: 15 HTTP requests in this frame

Frame: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 619A46D6825400E9AC91B826F5140552
Requests: 10 HTTP requests in this frame

Frame: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 6DF3AFE86C6C52EFDF4E719EBB185FA1
Requests: 11 HTTP requests in this frame

Frame: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 97F64C9D484C782E02A1C7597CA3F408
Requests: 1 HTTP requests in this frame

Frame: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 11BB740709DFF22D110208FBC150B5F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html
Frame ID: 858C185C4694692603123159AA15708C
Requests: 1 HTTP requests in this frame

Frame: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 66BA29997D7EF48D82174329C887CA65
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js
Frame ID: 71E461C5C9A935118F80DC68BF2EA7B2
Requests: 1 HTTP requests in this frame

Frame: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AD50DFA23EE1B76F1CCBF118220594D6
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046732&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159202633&bpp=295&bdt=248&idt=557&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&is_amp=1&correlator=54&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2934163405&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31077698%2C44800659%2C44798323&oid=2&pvsid=3278015393583231&tmod=10187715&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w4v8eictjy61&fsb=1&dtd=573
Frame ID: DBA06B533E82A9186413A991556D3D07
Requests: 8 HTTP requests in this frame

Frame: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C2CE84781A117C150E4F91482428F53F
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0DF0A6B50FE85D3C345AD28720F58169
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 876FB544F7A6BCBBC4BD465DDC8E465C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B7C01E434D7FECD14B6734EEBCF745EE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 432722331DA26893DBC109E88B4B8F41
Requests: 2 HTTP requests in this frame

Frame: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1256AA902B4B80A6C210EE6B0D096B84
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AEDCFA42AEEB7EF8676E3C1989C7AD0A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 750FE3038B821152D9958A8B766C2613
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hpsv6fgs42jnssbn4jee6xtfwtz6tmr03vcj7mhkbf9fgxq9evb4z2qc5h802rq4b8gtajas3etp848r63khy901fnnr48hq2svgy2q6stan4pkqxv3kqey4szrere7s1q3szkx71gyr11ah72nqxffzn0j2weewbv5yw97mn0n3vjn9y4e2p8gxk9fa0114mvca6n7jcnvca198hc3yr4mjdh98zf4f0ye39egc7qydft1zd9kmw1e1x6gb4m8g015q0v7yqwk4z277e0qdgcpqgc3pt4p1wp9na67w3qhw0yg7k9r5bbfv5vdzavg2az6z8w52321kn06mycj2mwcvw7fp7ejs2bkg79d39t5xkzgz9qwbysr00j3prbq3xeqfsedf94evtenrmt75041cmw85k9v5tejw8r9330s4k414sy8wvxccj88n4j1a1gm46w578&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: AD34ACC4589188C01B6DDA5A9EC6A593
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8CBBA4550A67ED2CE3FCA8C4AA4F3C16
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C015A42B234144A982BF1444EAC1297D
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1grbps6n4nmzgp6qkk682s0cd5wq5qzpkmqcxgg6qx4ap475dk02hw073ahq9xkc8r23jd5t7xc0mb3jc79awgwxqaxkkxdtwwm7g7yks7e6qb99evy7ggqzaywwgrre0vzpavamxhm1wzeaj4aqcfhjq0zcpf4evqvxe5q95nyvhqderdcx4a9ka06xjhg3g9wstqssqn887teqj612w7eapdjkkxy6q8a1vhs89s185swad1d50x4ppc23d877rst1mvwskqq8r51rx5mm27y9gnwbv565wqz19chn7hsgdfddp2p3hpx41vqpja77579fkym3nwvqwejzxnxz8e156cjxm9memhgdnp34zvpgn692y81azrbpzsxbnpj3w8gjvcbm25qts32483mwqbq281tp400yaye92n4jnqmshnz13p3wjbswfvt60sdrx0thzfw218&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: A532D81036BFABA7842C1D02CC03C4A3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B0E14F49B6A0BEE89851ACB1EED59260
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 44375970C74905F4AE961232935EE8F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=4198761067&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fe800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159203392&bpp=301&bdt=174&idt=560&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&correlator=2839905337117&frm=8&ife=1&pv=2&ga_vid=1636855247.1695159204&ga_sid=1695159204&ga_hid=677166799&ga_fc=0&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1913803454&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077704%2C31077970%2C31077857&oid=2&pvsid=4384785029985644&tmod=657798248&uas=0&nvt=1&top=https%3A%2F%2Fwww.xgcartoon.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9rxer3u5hdfq&fsb=1&dtd=574
Frame ID: 07F491D94CBB7D1AB13EC7CD7D824B1E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: ADCC7F8E67C4033A2E231B8D8515A597
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 279F30AC45ABE10328321BBAB2262E22
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 999E81487F2F44ACB0024C2485C5DD0C
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EFE837023115EA2A94689CB69F5014E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9124F88E5010D8C67E055E959BA2CE1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D266B4EB3E7B837B6009D8BFCF45D21
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 247A62EA066E5471888ACA07C472FEF3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍸果果成長日記(4K)【國語】免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

215
Requests

93 %
HTTPS

50 %
IPv6

36
Domains

51
Subdomains

37
IPs

10
Countries

4220 kB
Transfer

9049 kB
Size

33
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://securepubads.g.doubleclick.net/pagead/adview?ai=C5ZEnnhMKZemJMJOygQerp7XoB_rS6K5y69nG2_4QZBABINPLzjBglcKmgrAHoAHY9pa3AsgBCakC_EL8qeLssT7gAgCoAwHIA9sEqgTCAk_QuOWMgp9CZg59tzhR8nW7g9mO2XahWZwSq_M7u9Jt94FcGYhpY7ZN0ZmFNToOfkL7n8UMElyKCrI_mgJ-tlTi3IOxkWYfYniWCybI5z62QjiS7qhN3jE_9sLT2VXtBJY2P2bGMiW35tZ0-71DwFSQM2L9qeWG6KJLs7CKe-129zUrhF3AiqE0QT7ftbuYRWSgpeczATlaLfYHJ66ypm2agNX8_MWppyfjf8ntdFB5uCR4MoaJMiq2aHQYYYCuwte98SNMuVG-OC51JbhQudeKRWpt4lLKGE5WEkhu6dkEWVtXxYj3-U8yHv77Ri4WL0n_JVTA4g1lSJneKyPcY9M25iAOg678tW5S3lFex5QInoxigq3sQQXlcUu-MArkrzeWMqBvjMDdpbT-Tu6ukX1r4R54ivJeQQBukBXWtyOQW7jABLu4v5j6A-AEAYgFwsPb4z-SBQQIBBgBkgUECAUYBKAGLoAHkInpyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCCN9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCTpodHRwczovL3d3dy5sYXNlcnpvbmUuZGUvbnJ3L2JpZWxlZmVsZC9sYXNlcnRhZy1iaWVsZWZlbGQvgAoDyAsBmAzbpseY-gO4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=P31fes8iw48&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWcM_UAPD0stGJn4RB16DudVcnDd5_QRgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221615902222679683441%22,%22debug_reporting%22:true,%22destination%22:%22https://laserzone.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22652589912%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212123560022929737089%22}&andc=true

Request Chain 130

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG3f_SlQc-ISN5KchSbkfiI&google_cver=1&google_push=AXcoOmSF-P-7yGTiYvAZI360zNytKOoZwVFQyskFvFclNPnwWf3NU1xkWLkAhElSRkle2Weyn7c82PGpM0DpofZRn5HSUOu3Q122dw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSF-P-7yGTiYvAZI360zNytKOoZwVFQyskFvFclNPnwWf3NU1xkWLkAhElSRkle2Weyn7c82PGpM0DpofZRn5HSUOu3Q122dw&google_hm=16DkE-dYQFavRzRYet0TVGw

Request Chain 131

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAwj_gAieac0CRlxJascPI4&google_cver=1&google_push=AXcoOmQjK1uaVBmqHQt4S1jb5Q-89LjmLnGgVBR3ifoL9pyu5PjdYzX20CpT2iaLMA3bJIk7oBJ-s4E-zcpF-gLpZbN4SjbnLQrn5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDY1MzMzODQxMjUxMzQzMA%3D%3D&google_push=AXcoOmQjK1uaVBmqHQt4S1jb5Q-89LjmLnGgVBR3ifoL9pyu5PjdYzX20CpT2iaLMA3bJIk7oBJ-s4E-zcpF-gLpZbN4SjbnLQrn5w

Request Chain 133

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPxGdQOuJJajjAqdn8Iz6uI&google_cver=1&google_push=AXcoOmRiNS_Ef_RNcXagLzva00RN7tT3lL7uD0TICUb5zFp6dI5AFbc-kX_dW2G3fUPqk1A2LCAQ3I5ynVV5wgzWpWj8Bd_pCSbltQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPxGdQOuJJajjAqdn8Iz6uI&google_cver=1&google_push=AXcoOmRiNS_Ef_RNcXagLzva00RN7tT3lL7uD0TICUb5zFp6dI5AFbc-kX_dW2G3fUPqk1A2LCAQ3I5ynVV5wgzWpWj8Bd_pCSbltQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OxoQ3ssTRXq2nWPx2ksueg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRiNS_Ef_RNcXagLzva00RN7tT3lL7uD0TICUb5zFp6dI5AFbc-kX_dW2G3fUPqk1A2LCAQ3I5ynVV5wgzWpWj8Bd_pCSbltQ

Request Chain 135

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESED30eo7_uz7ix0emm--kbek&google_cver=1&google_push=AXcoOmSghp2zs81JpnpyfCnL3DnNUZWU1SlqwgYqU5AArZjt_gpAsI6LJSmdaxK7nd6Ne65j6NAWDSdcj9oDreGVLuf7V5oMq5bMvw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=cc858898-0cc0-4044-800e-e62f2a836e98&google_cver=1&google_gid=CAESED30eo7_uz7ix0emm--kbek&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSghp2zs81JpnpyfCnL3DnNUZWU1SlqwgYqU5AArZjt_gpAsI6LJSmdaxK7nd6Ne65j6NAWDSdcj9oDreGVLuf7V5oMq5bMvw&gdpr=${GDPR}

Request Chain 149

https://um.simpli.fi/gp_match?google_gid=CAESEK-PUVr7IQMFRQ7JZ7sMIfc&google_cver=1&google_push=AXcoOmTi-wKjq0pXux8DgHcjxzvLUgAj1TCPHlyzUhcuH4MuiVCfWZhA4q8OeqVLTqwhTGdv-eu4GHn5VTsZENHY1gZr9QyOFA2F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69ABA07BFEA041508961D73AF1047730&google_push=AXcoOmTi-wKjq0pXux8DgHcjxzvLUgAj1TCPHlyzUhcuH4MuiVCfWZhA4q8OeqVLTqwhTGdv-eu4GHn5VTsZENHY1gZr9QyOFA2F

Request Chain 151

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG3f_SlQc-ISN5KchSbkfiI&google_cver=1&google_push=AXcoOmRMg3z-wPOLIYafzOvFXveSnmDF2ef5gxgcjE8eB0TKmwOwGKUnHsHRbHzpRhxAJ0I2Q2xpADfWt7e43L40ZTZjuF7mq3L3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRMg3z-wPOLIYafzOvFXveSnmDF2ef5gxgcjE8eB0TKmwOwGKUnHsHRbHzpRhxAJ0I2Q2xpADfWt7e43L40ZTZjuF7mq3L3&google_hm=16DkE-dYQFavRzRYet0TVGw

Request Chain 153

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH430nkc0c6n-9GFBVSVM08&google_cver=1&google_push=AXcoOmSetsx4p_kGoshLtUmq3qIbhLmYOHcSdv2BM7t-oBO1v4IyZhriwpFK-0agBwzsUmd5SYT9FSqyohsFAOmEETTzKjGYSeo HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH430nkc0c6n-9GFBVSVM08&google_cver=1&google_push=AXcoOmSetsx4p_kGoshLtUmq3qIbhLmYOHcSdv2BM7t-oBO1v4IyZhriwpFK-0agBwzsUmd5SYT9FSqyohsFAOmEETTzKjGYSeo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE5NTAxNzQyODUyNzYxMTU4OA&google_push=AXcoOmSetsx4p_kGoshLtUmq3qIbhLmYOHcSdv2BM7t-oBO1v4IyZhriwpFK-0agBwzsUmd5SYT9FSqyohsFAOmEETTzKjGYSeo

Request Chain 154

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAdJZWlIMf6fxgEZY2-gncU&google_cver=1&google_push=AXcoOmR-UbPIa8Qw2ccBeV3TlisvcfSgRMx06DO3K46Pq7VJ8HKtDH7VT3NYtYbKNYNyg1tNjmeYp-_EyiWydAkg2vEgizZLtm4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-UbPIa8Qw2ccBeV3TlisvcfSgRMx06DO3K46Pq7VJ8HKtDH7VT3NYtYbKNYNyg1tNjmeYp-_EyiWydAkg2vEgizZLtm4

Request Chain 165

https://um.simpli.fi/gp_match?google_gid=CAESEK-PUVr7IQMFRQ7JZ7sMIfc&google_cver=1&google_push=AXcoOmQJGF3Xgl05mo-sXJrTGlHgOeLH5YVALX_hmo5X6UexpCQYsNLTmXk5x88XGOx93OwzXOwd-dvapUEyWVPKR-SXxqELyxg-fGiyFMS-gVHjLqNZ7JdyXT3iTomANMCa2Qc8PDyukdu8Fo0G9Rxf2thM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69ABA07BFEA041508961D73AF1047730&google_push=AXcoOmQJGF3Xgl05mo-sXJrTGlHgOeLH5YVALX_hmo5X6UexpCQYsNLTmXk5x88XGOx93OwzXOwd-dvapUEyWVPKR-SXxqELyxg-fGiyFMS-gVHjLqNZ7JdyXT3iTomANMCa2Qc8PDyukdu8Fo0G9Rxf2thM

Request Chain 167

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF2ljgX3YTfMfpDTdLfDZhE&google_cver=1&google_push=AXcoOmRA4F2YWdkMZFaFX-a1mktf7maCun2misq6mdigJvP2uiEsP0gEmowvw3oaebK8a_vBS_Gb70MBAUzksRI9pmEsKZ4cd1bHb0dZ67zKAntnLUbXIxUO3E6vFp1yjIt_T07zujZEY7XOO9FFx-g4C_QH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRA4F2YWdkMZFaFX-a1mktf7maCun2misq6mdigJvP2uiEsP0gEmowvw3oaebK8a_vBS_Gb70MBAUzksRI9pmEsKZ4cd1bHb0dZ67zKAntnLUbXIxUO3E6vFp1yjIt_T07zujZEY7XOO9FFx-g4C_QH&google_hm=eS1GTVBITzlsRTJwRnloUE0yUXNJcm9Ddk9EY3BpaWhCU35B

Request Chain 169

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPxGdQOuJJajjAqdn8Iz6uI&google_cver=1&google_push=AXcoOmQ8H6il2wDED6vMhQAzLqzu4WRzMY_o-l1SGgRjGqaAQWfbDyhqDcs8Qe9boyYV7_NGQ4MrI8C1cL1-fc0V23bmMznKGiwty3tKhsNuh_QLCGzEI2RHO7_ET3UCl11M0pAD2_XB0hrnabDaiu7jHtPL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OxoQ3ssTRXq2nWPx2ksueg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQ8H6il2wDED6vMhQAzLqzu4WRzMY_o-l1SGgRjGqaAQWfbDyhqDcs8Qe9boyYV7_NGQ4MrI8C1cL1-fc0V23bmMznKGiwty3tKhsNuh_QLCGzEI2RHO7_ET3UCl11M0pAD2_XB0hrnabDaiu7jHtPL

Request Chain 170

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEDqF85HhqjeZo2OZTRd9SM&google_cver=1&google_push=AXcoOmRuUDcNiJBNt_GaWdyTC9PLqkquFnGK86FpZGvlOwjHloPLrAMv9mi115bDC5m6VOyVZZrBcMnx0JKoFCDhM4vRcGNqEOkI0-Q1ukbuSa_cMrai8wLEe4mZvRYIYKN2F25tNUIWthub1nPOrIr8jes8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEDqF85HhqjeZo2OZTRd9SM&google_push=AXcoOmRuUDcNiJBNt_GaWdyTC9PLqkquFnGK86FpZGvlOwjHloPLrAMv9mi115bDC5m6VOyVZZrBcMnx0JKoFCDhM4vRcGNqEOkI0-Q1ukbuSa_cMrai8wLEe4mZvRYIYKN2F25tNUIWthub1nPOrIr8jes8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEDqF85HhqjeZo2OZTRd9SM&google_hm=ZQoTpHMSLsPyb5hkf5sFpwAADOcAAAAB&google_nid=index&google_push=AXcoOmRuUDcNiJBNt_GaWdyTC9PLqkquFnGK86FpZGvlOwjHloPLrAMv9mi115bDC5m6VOyVZZrBcMnx0JKoFCDhM4vRcGNqEOkI0-Q1ukbuSa_cMrai8wLEe4mZvRYIYKN2F25tNUIWthub1nPOrIr8jes8

Request Chain 171

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAdJZWlIMf6fxgEZY2-gncU&google_cver=1&google_push=AXcoOmR5Zn2mpVkFRXzvF9fIh20ICI_Qw6OZBqtuUCBlGJj3oOVGkVjxHIpvNaFy4HjdMsomQ7_WCYOPGNvLmgN_R_LTjAA5vlQ70aYxwMnD6QY96FjqsPlFb82hmmDGo8toB4r4m7E5glt6k_Ltnhc7wC5enQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR5Zn2mpVkFRXzvF9fIh20ICI_Qw6OZBqtuUCBlGJj3oOVGkVjxHIpvNaFy4HjdMsomQ7_WCYOPGNvLmgN_R_LTjAA5vlQ70aYxwMnD6QY96FjqsPlFb82hmmDGo8toB4r4m7E5glt6k_Ltnhc7wC5enQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 195

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CI7B35HQt4EDFZ-R_Qcd7cgCIg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023091923332588983589163X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023091923332588983589163X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 202

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1695159204_29b41e11-5734-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=

215 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request guoguochengzhangriji4kguoyu-wangzhaobing Show response
www.xgcartoon.com/detail/ 99 KB
19 KB 878ms
426ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6913fc807ae2a9adc032eba5049753e0ad2cecc858f1e23e32cdc0c00fb6e92e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 19 Sep 2023 21:33:17 GMT
etag: "18c0b-RqrMH1jAk3Zmn6P4lDZ4JPAJGPs"
expires: Tue, 19 Sep 2023 21:34:17 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 263ms
131ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 21:33:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73017
x-xss-protection: 0
server: sffe
etag: "1fbcd51b50b3cf51"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 21:33:17 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 245ms
113ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07df410a176c32b013d26ce0b4db400e46aebd9b2018752192543475a2a3e277

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 21:33:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23158
x-xss-protection: 0
server: sffe
etag: "8a714469099e0dc8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 21:33:17 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
10 KB 177ms
49ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a2c94a2249fc39e6b610f4dcad6dcd8e0ddab399007f146abdd21f6b25022de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 21:33:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9457
x-xss-protection: 0
server: sffe
etag: "89b1af06ee85e758"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 21:33:17 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 49 KB
15 KB 216ms
89ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e8df25e1cae2d82c9d61e7020d99e9d0afe919a0d9139d505c46d34b43f476

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 21:33:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14976
x-xss-protection: 0
server: sffe
etag: "3510a6706d31dd7a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 21:33:17 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 187ms
61ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d24822b2b52ecc6c409876ef17e44560c2519fd4b4fd953ad40588c2d50bf828

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 21:33:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15367
x-xss-protection: 0
server: sffe
etag: "363c8866aed1f1f2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 21:33:17 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 232ms
105ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4095ef60dc2a51dadc1d2f407052a07ba2358e86c5b748a784328e2e6376722c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 21:33:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4735
x-xss-protection: 0
server: sffe
etag: "f4656ca95aa76a9d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 21:33:17 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d524ce5d2397ffe8ef2f9771a41cc80b3e9ba474fe88ffa38382901da891af7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 21:33:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10344
x-xss-protection: 0
server: sffe
etag: "4a70bd87a093b2a9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 21:33:17 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
31 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

593dcf703b3dd6a15b5130c1c82bc85076d4fa5aadccad68e62ef4a44a8f87ab

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Sep 2023 21:33:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32117
x-xss-protection: 0
server: sffe
etag: "a2077d8c9b16930f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Sep 2023 21:33:17 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
468 B 270ms
173ms Image
image/gif 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 8094f2398c403a9e-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 226ms
226ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:17 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Tue, 19 Sep 2023 21:36:17 GMT

GET
H2 200 guoguochengzhangriji4kguoyu-wangzhaobing.jpg
static-a.xgcartoon.com/cover/ 96 KB
96 KB 4295ms
4021ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/guoguochengzhangriji4kguoyu-wangzhaobing.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9f08e0e42d6f997f85664e63335c38150a82d4aed7ba2cecd17ad1e2c70061b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:20 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 03 Jul 2023 05:26:47 GMT
server: cloudflare
etag: "5A180706EC4FACADD64043A1DA396D7A"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8094f23cff9130e8-FRA
content-length: 97871
expires: Fri, 22 Sep 2023 21:33:19 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 226ms
225ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:18 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Tue, 19 Sep 2023 21:36:18 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 227ms
226ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:18 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Tue, 19 Sep 2023 21:36:18 GMT

GET
H2 200 jiangguozhitianyingxingriyu-jiatengzhengnai.jpg
static-a.xgcartoon.com/cover/ 80 KB
80 KB 4215ms
3941ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/jiangguozhitianyingxingriyu-jiatengzhengnai.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d82fb2f5bcec9f5fdf6cb0002d1eca7b46122e1920e0acc73dfa3a383be04aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:18 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 05:30:12 GMT
server: cloudflare
etag: "2FDAF1C6D46517519153E47FB2FA3F71"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8094f23cff9330e8-FRA
content-length: 81739
expires: Fri, 22 Sep 2023 09:00:13 GMT

GET
H2 200 sanyanxiaotianlu_dongtaimanhua_di1ji-liusa.jpg
static-a.xgcartoon.com/cover/ 76 KB
76 KB 4294ms
4020ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/sanyanxiaotianlu_dongtaimanhua_di1ji-liusa.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47033d2ead9c33914d4f69347560b72578a35178fcd0edc1b11b1fac372bb233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:19 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Dec 2022 01:09:58 GMT
server: cloudflare
etag: "41E71E16C24EBB62C80B73BF78935185"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8094f23cff9530e8-FRA
content-length: 78059
expires: Fri, 22 Sep 2023 11:07:54 GMT

GET
H2 200 reshangshouxizongcai_dongtaimanhua_dierji-youluwenhua.jpg
static-a.xgcartoon.com/cover/ 75 KB
75 KB 4294ms
4021ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/reshangshouxizongcai_dongtaimanhua_dierji-youluwenhua.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a164e0223db575926d77e703cb06a636acd3fc75ccd163b916aee331e1b82d10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:19 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 06:43:43 GMT
server: cloudflare
etag: "B6CEDDFF834FE1BFFB1D6FFE7FC568E7"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8094f23cff9630e8-FRA
content-length: 76948
expires: Fri, 22 Sep 2023 08:05:10 GMT

GET
H2 200 yishiduzun4kguoyu-yueruhuo.jpg
static-a.xgcartoon.com/cover/ 81 KB
82 KB 4294ms
4020ms Image
image/png 2606:4700:10::6816:2f93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yishiduzun4kguoyu-yueruhuo.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2f93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aac14e5e84bdd11591e1c0f01324bb1ca5991e26524438e299eb2d28cea422e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:19 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Jun 2023 05:25:34 GMT
server: cloudflare
etag: "40C9C91B6B9140F7107D4728B96E1B31"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8094f23cff9830e8-FRA
content-length: 83316
expires: Fri, 22 Sep 2023 11:01:44 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012309082229000/v0/ 8 KB
3 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309082229000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

620ffdaa666bbf15e58038ef061ba78acbf5729c714fa3e991c025089009c23c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 19:01:48 GMT
age: 9090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "a25d3dc3efab77a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 19:01:48 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012309082229000/v0/ 237 KB
63 KB 94ms
46ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309082229000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15d0b16ddf2081e93f76e34160de1a1fb86c59646b6121e2bad441860420f03f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 19:01:48 GMT
age: 9090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64178
x-xss-protection: 0
server: sffe
etag: "e43e0d72aa44a7b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 19:01:48 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012309082229000/v0/ 12 KB
4 KB 75ms
42ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309082229000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d24d38cbc44ff8e2821d5172b11409ce6c6c0485fd3a3c2ea56c679a6aaa61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 19:01:48 GMT
age: 9090
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3934
x-xss-protection: 0
server: sffe
etag: "178fe5d904a50e55"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 19:01:48 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 142 KB
43 KB 4050ms
3925ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309082229000&d_imp=1&c=54&ga_cid=amp-_bombsFQEQFAVTzKYFcvRA&ga_hid=54&dt=1695159198155&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&bdt=594&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fcdba554ac3bf63bca7163b61cb6ecdb33888daac00393a0603320788762d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43408
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: COnQho_Qt4EDFRNZ4Aodq1MNfQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Sep 2023 21:33:19 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
14 KB 4032ms
3910ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=801&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309082229000&d_imp=1&c=54&ga_cid=amp-_bombsFQEQFAVTzKYFcvRA&ga_hid=54&dt=1695159198156&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&bdt=595&dtd=12&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4525acb8a165c9a85324df303093eb859b331e05785f0b6d917134eea59159e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:18 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 120x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13037
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CKe06o7Qt4EDFUQHVQgdqt8Puw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351399041
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Sep 2023 21:33:18 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
23 KB 4039ms
3917ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309082229000&d_imp=1&c=54&ga_cid=amp-_bombsFQEQFAVTzKYFcvRA&ga_hid=54&dt=1695159198156&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&bdt=595&dtd=14&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

987949d39bdd7f9f9ea5b3912c856531bb93a2bfa06bb52daea8287078086aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:18 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23294
x-xss-protection: 0
google-lineitem-id: 6350518020
x-qqid: CNqz6o7Qt4EDFWUJVQgdkhADSg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138441312640
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Sep 2023 21:33:18 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
23 KB 4091ms
3969ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309082229000&d_imp=1&c=54&ga_cid=amp-_bombsFQEQFAVTzKYFcvRA&ga_hid=54&dt=1695159198156&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&bdt=595&dtd=15&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3609e2bfaf2b1695c7082465faf8400897aacbbb0a3bc10bb14d0adfe09a9fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23281
x-xss-protection: 0
google-lineitem-id: 6350518038
x-qqid: CNi-6o7Qt4EDFRzXEQgdDzAKVg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440647307
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Sep 2023 21:33:19 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
23 KB 4109ms
3989ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=988&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2309082229000&d_imp=1&c=54&ga_cid=amp-_bombsFQEQFAVTzKYFcvRA&ga_hid=54&dt=1695159198156&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&bdt=595&dtd=16&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4159352737d936fb6a37ebbb9c792554d8f1ead757bdc43bc59ec354c3de9440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
x-creativesize: 728x90
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23267
x-xss-protection: 0
google-lineitem-id: 6136661665
x-qqid: CKvc6o7Qt4EDFUn_EQgdr8EDhg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138370495019
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Sep 2023 21:33:19 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012309082229000/v0/analytics-vendors/ 2 KB
886 B 3205ms
3204ms Fetch
application/json 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309082229000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Sep 2023 19:01:36 GMT
age: 9106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "bb5b0e8e9955f6c7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Sep 2024 19:01:36 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 3388ms
3388ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
AMP-Same-Origin: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Tue, 19 Sep 2023 21:36:22 GMT

GET
H2 200 container.html
e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 174ms
49ms Other
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 200 container.html Show response
e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC79 6 KB
3 KB 160ms
48ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:22 GMT
expires: Wed, 18 Sep 2024 21:33:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E5E1 6 KB
3 KB 152ms
50ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:22 GMT
expires: Wed, 18 Sep 2024 21:33:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 490E 6 KB
3 KB 114ms
52ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:22 GMT
expires: Wed, 18 Sep 2024 21:33:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 619A 6 KB
3 KB 102ms
56ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:22 GMT
expires: Wed, 18 Sep 2024 21:33:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6DF3 6 KB
3 KB 89ms
54ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:22 GMT
expires: Wed, 18 Sep 2024 21:33:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 133ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=54&cid=amp-_bombsFQEQFAVTzKYFcvRA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&dr=&dt=%F0%9F%8D%B8%E6%9E%9C%E6%9E%9C%E6%88%90%E9%95%B7%E6%97%A5%E8%A8%98(4K)%E3%80%90%E5%9C%8B%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1695159202&sct=1&seg=1&_et=4000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame AC79 18 KB
8 KB 199ms
79ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3f8b45c06abfc7f1d1e424a087d1f5d5d9b80a7bc0104d68e4f0737f30a5ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7885
x-xss-protection: 0
server: cafe
etag: 13648391237744692648
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC79 182 KB
57 KB 153ms
51ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC79 0
461 B 78ms
77ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXn7ZfYiHKTtbgERdN9_UwEhs6CHou0uoeUDL1QguW13SACe9BQ_USAGgnwAK5SYnQQR1406qlh4smr3GJ3vcqUTOHREr2MTA7_hbZakuKKJPWAD0kBstfnytYykg30xfDQzqcaNFDWNEYlM8TKbVum-wXNNN5uKkUl5dw3Ay7EedGGV1Qu8voF05_WyhKH3Y7q7DeWilItsIrPJ1684UY13li8fvuU_rXuHPHuoAIDDHwaa_q0x3VxzyO0Q_xe9rhGiKcTsHdE2k9cLXJsFxVVImhk0DKsfjlYeu1UBkCzONaTBE2LP4V33epRvArlanOOSNM84STu5zrl1lDMRjUdCMjMc8x1HFXX8wTkwtA&sai=AMfl-YSRh-vuwkEEabVxr-27FLxxzQaeWnJKTFMngsJMo9pbqak1C-OWnHMMDymAJLY0XztzqNlRsZV5lD9jIMg&sig=Cg0ArKJSzPRus7C1Xg_IEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E5E1 99 KB
29 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1bafaed2f9b66419f30f8eff520f615bb78e643805bce94712e8df3ed5514b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29351
x-xss-protection: 0
server: cafe
etag: 190 / 19619 / 31077993 / config-hash: 10560056370792808416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5E1 182 KB
57 KB 201ms
114ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E5E1 0
294 B 78ms
77ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUvyuFoozJRl59sw3McrvMiF3LY0Ls2U4xH5Y3SKAUdMxDBu8FDMbpZ0lcTWnyVlePWZI37GjMQuyQQ9YQfg0f9L72GJxinPWYh416cyeWbSbp9e8oy36Dh3cViRBMieuXF8SE1Z0FJF0cI2tzGN6v5QaqWIsA8heFFKvN8laS8WLkT_GOs8uueBsVJvgtQHloAJZv-15De-o0k2RbZD-kkBbBs_iP1oJgkCM6FX-vGuiHfFtiS3jGJSceuqZldx-6MWNqpNXpfy6A4Hsjn8-ZQKA9MaTp0p0qMopcONZEL4IxenT50F0AHCsTYGk08edKNbZ7EwJ8_f02tWehDA6xk88mdYfDZ_gi92VAmhscjXSIgg&sai=AMfl-YTbwkvKjlOQElZC4PeCkVPWrNK_sXQ7EFtj8Z-0SwfqEBt-A9ak1x49IK1-xVnV1B-IRUbFW8Ffw4YJ5BU&sig=Cg0ArKJSzIRmzQ7q8s8xEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 490E 14 KB
2 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 19:41:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 490E 2 KB
945 B 159ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 19:58:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 490E 23 KB
9 KB 159ms
44ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite_fy2021.js

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 19:58:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 490E 3 KB
1 KB 166ms
51ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 17:26:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 490E 20 KB
8 KB 153ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5692
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 19:58:30 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 490E 225 B
355 B 188ms
75ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:44:05 GMT
x-content-type-options: nosniff
server: cafe
age: 42557
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Wed, 20 Sep 2023 09:44:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 490E 182 KB
57 KB 242ms
174ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 490E 36 KB
15 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 09:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 23:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 09:37:14 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6DF3 99 KB
29 KB 146ms
145ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5417cb51e6a752000bcdba03fdeaa32b2f24d0c7b98ad07e89031c51017ed74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29345
x-xss-protection: 0
server: cafe
etag: 796 / 19619 / m202309140101 / config-hash: 10560056370792808416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6DF3 182 KB
57 KB 228ms
171ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DF3 0
292 B 77ms
77ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNtADp_D-q4ag_bGtG-IR0MfoxE2vGr0_1o3r9r3H-kI1UqvDS7tnpltoIQBAaC95er25AkbSDECsGbZqOjE759cKZ1LsxKb9dE95l4ArxDTpQ-GnaDYc9ePT6vugpQSsftdzIxM1lhEluIy6rOLOckg_V1FISLMW9AA97q367JTT-6Tes7mvTfgLRq0Dm7nrp5_ctinn79Q0NsGlcjAD4b-pCCl-FNQ5QObnQ7sB-8v9MfRm7WrvW_atLe0CM8TGOECBxch48Zk5cKkswyj421bBRLq-iYiKRIalP3lu-Oeq8gTKv8wcflXjhQzgeW32IZ5F08znPgF87_dxYedNQkuboRyZu2wVU7AB4bH4h_G2czhA&sai=AMfl-YRbEyrQURlvMb1WTKgmVx7nq2hULstBjT5IkA-ToW8q3RTiUvALwc0tdcJeUsxRZjWoKbgv94DAEi4PMXY&sig=Cg0ArKJSzDC3uURn0RTpEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 619A 98 KB
29 KB 173ms
172ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5db3be4cd1e8fbbbdd9c9b101dc2c70794fd2684d60db42d2cedd8e61d2dc636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29322
x-xss-protection: 0
server: cafe
etag: 321 / 19619 / 31077994 / config-hash: 10560056370792808416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 619A 182 KB
57 KB 190ms
144ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 619A 0
293 B 77ms
76ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVwBX-QLQ67Hnq0532cqplWNitv4A7lWRuB6inAZ772ZlSmHH1TBpe8oFirJBmEEgyabePQbEhm23vFAtgtNdOAtZ1tuNSr2KVYAovYuEMsYI8rSfbeIPzlc0POQZdUh3Mud1JwBMiMACKpQfbQkChYU2HkHMuMxG_ULb9wSvsOhtOw0_ECqyL4IV0JkDd0qa81S5DoI3h1b6ceI45mCfDgnrMM94wlc_4TgYKjL_7IwCE-firSn7EEe_Yb5by5r_A0rUxJmJBEjwNDFsCCXXyeETsGJFSKXVzLuaMACzuZy6QA-bfqKk23rrNXT5MA4sCp07eCG7jubv53H8ZYuOqUB2p4lt39H4If5XxZ_bfKX_Z_w&sai=AMfl-YThaXLQTTLyhCEtG2izquru6M98fXP99PVbXyGqb5v-JG33DzLaIM3GsTCYK9v8SpX56Pw_zLvZtkXYiF4&sig=Cg0ArKJSzDhFS9fCFOixEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 12689500185575797283
tpc.googlesyndication.com/simgad/ Frame 490E 18 KB
18 KB 164ms
76ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12689500185575797283?w=100&h=100

Requested by

Host: e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
URL: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96debb48b959e7206300a08ea3c9d7d159367b988c234f65c84129b660e47ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 00:00:42 GMT
x-content-type-options: nosniff
age: 77560
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18199
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 12:51:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 18 Sep 2024 00:00:42 GMT

GET
DATA 200
OK truncated
/ Frame 490E 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/ Frame E5E1 409 KB
129 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 10:36:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39396
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131810
x-xss-protection: 0
server: cafe
etag: 9411153894055172020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 18 Sep 2024 10:36:46 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/ Frame 6DF3 409 KB
129 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7203
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131810
x-xss-protection: 0
server: cafe
etag: 9411153894055172020
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 18 Sep 2024 19:33:19 GMT

GET
DATA 200
OK truncated
/ Frame 490E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f757339b082b621a2f55bbac92a8d6c93cbd30d688db58bd86d16ba4fb7e26db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AC79 144 KB
50 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a04f4f0b028721b0253262000436b7ba7ec607ce03c9b1643b647fca48af4f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50600
x-xss-protection: 0
server: cafe
etag: 1360721087074793557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
DATA 200
OK truncated
/ Frame AC79 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1539eb2245e86f37b969d1c9aafb1ff0472a41f04c05419f04f8c31de088c9e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/ Frame 619A 409 KB
129 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 10:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39415
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131891
x-xss-protection: 0
server: cafe
etag: 12284941131365068139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 18 Sep 2024 10:36:27 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E5E1 28 KB
12 KB 320ms
319ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3145686858935280&correlator=754329432016950&eid=31076404%2C31077993%2C31076407%2C31077705&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_mob_anime_hrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600%7C300x100%7C300x250%7C300x600&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com&abxe=1&dt=1695159202809&adxs=-12245933&adys=-12245933&biw=300&bih=1200&scr_x=0&scr_y=0&ucis=6dn4jhcil2v3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&loc=https%3A%2F%2Fe800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&dlt=1695159202387&idt=397&prev_scp=in2w_key9001%3D1%26in2w_key%3D95%26in2w_key2%3Dnope%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1580%26in2w_key8%3D95%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D1&adks=3343453572&frm=24

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8eaa961ae8ab1f71eb4c9804664f4d62cd51e123e71f9a91b870a09f95acc41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11910
x-xss-protection: 0
google-lineitem-id: 208234953
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663403
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 97F6 6 KB
3 KB 61ms
46ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:22 GMT
expires: Wed, 18 Sep 2024 21:33:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6DF3 39 KB
16 KB 291ms
290ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=278733757820323&correlator=3032438921318160&eid=31077942%2C31077232&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_desk_anime_hrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C468x60%7C728x90&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com&abxe=1&dt=1695159202895&adxs=0&adys=0&biw=728&bih=180&isw=728&scr_x=0&scr_y=0&ucis=nnugca791ez5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&loc=https%3A%2F%2Fe800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&dlt=1695159202417&idt=459&prev_scp=in2w_key9001%3D1%26in2w_key%3D93%26in2w_key2%3Dnope%2Cbenchmark%26in2w_key3%3Dnop%26in2w_key4%3Dnop%26in2w_key5%3Dbenchmark%26in2w_key6%3D--3---%26in2w_key7%3D1580%26in2w_key8%3D93%26in2w_key9%3Dbenchmark_request%26in2w_key12%3Dbenchmark%26in2w_key15%3Db0%26in2w_key16%3D1&adks=1552626643&frm=24

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30e1e2c12586170ea07b265c5ee4d7e1677d2a3ea8cb82517919991cf0359213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16295
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 11BB 6 KB
3 KB 61ms
46ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:22 GMT
expires: Wed, 18 Sep 2024 21:33:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6DF3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4b74d0620cd8a435315afa905e809f8075e2d5fb6b8d24081083cc315721c75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ Frame AC79 379 KB
129 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fd71256053f3bb91eca8b987eff43c3bbba168fb2c09ba8fcee04f7d5431a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131559
x-xss-protection: 0
server: cafe
etag: 12670464520371071104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/ Frame 858C 10 KB
5 KB 128ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230918/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 20:44:00 GMT
etag: 8554266389219770021
expires: Tue, 03 Oct 2023 20:44:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 205ms
74ms Preflight
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C5ZEnnhMKZemJMJOygQerp7XoB_rS6K5y69nG2_4QZBABINPLzjBglcKmgrAHoAHY9pa3AsgBCakC_EL8qeLssT7gAgCoAwHIA9sEqgTCAk_QuOWMgp9CZg59tzhR8nW7g9mO2XahWZwSq_M7u9Jt94FcGYhpY7ZN0ZmFNToOfkL7n8UMElyKCrI_mgJ-tlTi3IOxkWYfYniWCybI5z62QjiS7qhN3jE_9sLT2VXtBJY2P2bGMiW35tZ0-71DwFSQM2L9qeWG6KJLs7CKe-129zUrhF3AiqE0QT7ftbuYRWSgpeczATlaLfYHJ66ypm2agNX8_MWppyfjf8ntdFB5uCR4MoaJMiq2aHQYYYCuwte98SNMuVG-OC51JbhQudeKRWpt4lLKGE5WEkhu6dkEWVtXxYj3-U8yHv77Ri4WL0n_JVTA4g1lSJneKyPcY9M25iAOg678tW5S3lFex5QInoxigq3sQQXlcUu-MArkrzeWMqBvjMDdpbT-Tu6ukX1r4R54ivJeQQBukBXWtyOQW7jABLu4v5j6A-AEAYgFwsPb4z-SBQQIBBgBkgUECAUYBKAGLoAHkInpyAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxCCN9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCTpodHRwczovL3d3dy5sYXNlcnpvbmUuZGUvbnJ3L2JpZWxlZmVsZC9sYXNlcnRhZy1iaWVsZWZlbGQvgAoDyAsBmAzbpseY-gO4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=P31fes8iw48&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWcM_UAPD0stGJn4RB16DudVcnDd5_QRgB&template_id=515&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 21:33:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 490E
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=C5ZEnnhMKZemJMJOygQerp7XoB_rS6K5y69nG2_4QZBABINPLzjBglcKmgrAHoAHY9pa3AsgBCakC_EL8qeLssT7gAgCoAwHIA9sEqgTCAk_QuOWMgp9CZg59tzhR8nW7g9mO2XahWZwS...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221615902222679683441%22,%22debug_reporting%22:true,%22destination%22:%22https://laserzone.de%22,%22event_report_window%22:%...

0
0

163ms
73ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221615902222679683441%22,%22debug_reporting%22:true,%22destination%22:%22https://laserzone.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22652589912%22],%224%22:[%2209-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212123560022929737089%22}&andc=true

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1615902222679683441","debug_reporting":true,"destination":"https://laserzone.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["652589912"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"12123560022929737089"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 21:33:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Sep 2023 21:33:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1615902222679683441","debug_reporting":true,"destination":"https://laserzone.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["652589912"],"4":["09-19"],"6":["true"]},"priority":"500","source_event_id":"12123560022929737089"}&andc=true
access-control-allow-origin: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 490E 33 KB
34 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 577135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Sep 2024 05:14:28 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E5E1 0
0 188ms
77ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUMeXDoEjjyrw1Etc6UpRW4ilKPe0e88gt71_2eyfl245hHDSEGzaVa-Ga-rxI3rwR7uWXZkK3AUpYcIRHIWveCBB8tlxED1eDWyzMykrCFUzul82WdK9LfHecmM-r556SR7wgP7yXEfHd-_Pe10YNiR7_zl8mAzv8BHBQvUX1PluqdJCzJ5t8ChTx8YYR4zYJVz6E7BuBwSXFr7-oQAco4y1U8abofqbX7TL6Zuy61IHOGEiH1Z0PMPa9o44PGpv_Qkzn3ZS7BLD5PsRiiq71yISibrw29yEVPgXEXBbepAxvPxWqQS9CtgrUAMCoHSIzckWZmKBYqn7NOzkVR57SjK44adQRl1fjdwnddOKf0_s6OwrA&sai=AMfl-YT7Coge0XhAN3Px5vBeA5_MWJdZtXE744DS0zEU3g4n9-4CvBIjBmL3vMmffL6zugqZdI50WpiR-_5uB6M&sig=Cg0ArKJSzLR55lI5UFDSEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E5E1 16 KB
12 KB 172ms
88ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0cd648035cda53f1d4016e18afdcea868ca6760a14e1c3ea646c8c6882e168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12115
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 619A 38 KB
16 KB 285ms
285ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3892060698215008&correlator=3698042584844738&eid=31077994&output=ldjh&gdfp_req=1&vrg=202309180101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_mob_anime_vrec_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C120x600%7C160x600%7C300x100%7C300x250%7C300x600&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com&abxe=1&dt=1695159203017&adxs=-12245933&adys=-12245933&biw=300&bih=1200&scr_x=0&scr_y=0&ucis=f2vftk8l1e9y&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&loc=https%3A%2F%2Fe800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&dlt=1695159202419&idt=575&prev_scp=in2w_key9001%3D1%26in2w_key%3D1%26in2w_key2%3Dnope%2Cbenchmark%26in2w_key3%3Dnop%26in2w_key4%3Dnop%26in2w_key5%3Dbenchmark%26in2w_key6%3D--3---%26in2w_key7%3D1580%26in2w_key8%3D1%26in2w_key9%3Dbenchmark_request%26in2w_key12%3Dbenchmark%26in2w_key15%3Db0%26in2w_key16%3D1&adks=1043206358&frm=24

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfda8b8e1ad756bc3a910d0c4dd6a9f0438090edeafb0b247935949d34a008bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16030
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 66BA 6 KB
3 KB 63ms
46ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:23 GMT
expires: Wed, 18 Sep 2024 21:33:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6DF3 0
0 118ms
77ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTwUJBe29HkmUN0eQid-aSF2B-rrvhF912gAo1TwcuffK5M8MElUiD_b2fy8_inCl7yDaKH6ol_C5-jumBVtnQhh8r8QVlgn-sXo4WIlsll0JVnUY5rMt0n7TwWMKGqd3dsoFBCdE60ChODWI_5XUulUwfaSnHwtVm9gDDPb8Om69t9e_Hhe0iVFyPC_96U-YbHIK_dZov_KSaAAwB9jiTT_HxfqPHRBpwjtacafJtJPzz2vGelNrBRRIBQF48iHhTuoDmT6zzzmVARVzhNcndTNNBTV4qwRoYz7ux1JsZDuiyndoDWK2SJNG5LqGkFYAo66Vx0-6jbvt-s5OUdStIpp5IicIP3P8Y2MxXrtT_7wTE10BpZg&sai=AMfl-YRnoPzUOLyKD-kgAJGhHf67FvcGFSRLFQrG7QEwlNY0irE9kjlUJfBiQ4EWaAqToAnH7G5Wgbrmd0xRewE&sig=Cg0ArKJSzFc2-CtHeBGNEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6DF3 16 KB
12 KB 104ms
89ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309140101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4306bf64175691d6c1a4183484f10588493cdd1ea3230f5bdc76c4426d6fcd10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12048
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 619A 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstS1TBY5VcH1EV-4hfEVbSpXMaczkOEb-I0AeIHj5Yxa6GKEFW0U-_OrPtJh8YRrCG2xwasa-TtizJ79GlLU5hGIdkPYQ_UpfQj-TkYnUKouoOc4tsyla4oGKurzJ5ap1wR4QyUPXu5TCd9QFwzM0Z9Dpjvm2roF4jW1bW8WGMJ-lFUcInYreuatHu3AFe-3lQ3SygIU5WmctCyKRfEFC1TQnGlijUCrptdEFH8jFcc5ZsEFyLHSMs9eGAfJaw1G1rSnqCv74HyAqnl_EnPfXayJlVZgrfQBtk81zFybHkPjv0-WOO9ve7He-t1SphipZutTmbtKCdeIZ8th9obGos62qt4pyJUUhOq-JLiT5RQGMEFssg0&sai=AMfl-YQWOuKukeTJVV6qDIyJXEqVXMSyRIOpUUOMwu-ZvYdbhy66_lnggIfPYVF95HyEsivDTsCXszAX6j7LUjs&sig=Cg0ArKJSzJpguwqxDlTIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 619A 16 KB
12 KB 98ms
98ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d27b5a578595629fe5a964ad42fabd168a400d8b892b60f939fac8139cb5f759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12348
x-xss-protection: 0

GET
H3 200 b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 71E4 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 05:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14647
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 05:12:54 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E5E1 17 KB
7 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H2 200 container.html Show response
81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AD50 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:22 GMT
expires: Wed, 18 Sep 2024 21:33:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6DF3 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBA0 38 KB
16 KB 441ms
439ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046732&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159202633&bpp=295&bdt=248&idt=557&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&is_amp=1&correlator=54&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2934163405&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31077698%2C44800659%2C44798323&oid=2&pvsid=3278015393583231&tmod=10187715&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w4v8eictjy61&fsb=1&dtd=573

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc5a7b6c79ac84d96302a6de2c67b34f6bce248199721c44edb4d69ea0d91a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16158
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 619A 17 KB
6 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H2 200 container.html Show response
497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C2CE 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:22 GMT
expires: Wed, 18 Sep 2024 21:33:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame AD50 24 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com
URL: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 07:26:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Sep 2024 07:26:10 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame AD50 18 KB
8 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com
URL: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

154dc086233f311722b1aadd4dc4e9d4a7a912ab2a679141b9cd59df50a04f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7888
x-xss-protection: 0
server: cafe
etag: 18285963378948733987
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD50 182 KB
57 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com
URL: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:23 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 188ms
74ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Sep 2023 21:33:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0DF0 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 17:32:10 GMT
expires: Wed, 18 Sep 2024 17:32:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 876F 829 B
1 KB 138ms
50ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cd89e3f99017ac265e91962d66dc94a4f46861cef60101397676727d3f697143

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MDh3HZdttm4l5qPrz2RkaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-MDh3HZdttm4l5qPrz2RkaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:23 GMT
expires: Tue, 19 Sep 2023 21:33:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B7C0 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 17:32:10 GMT
expires: Wed, 18 Sep 2024 17:32:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4327 829 B
767 B 124ms
51ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a21796fbb56623050e3fc640b86422620318554846fdbc3aebd046cf05c6baf0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LCZe3op30E_kOz8hzsVD8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-LCZe3op30E_kOz8hzsVD8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:23 GMT
expires: Tue, 19 Sep 2023 21:33:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame C2CE 5 KB
2 KB 156ms
42ms Script
application/javascript 2600:9000:2251:8200:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xm5m1vekkx&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxMDA5Ng&fiu=WG1KVFAyNDVlMA&s=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&ciu=XRK8N4Rwai&btid=RDZBMzcyRjNCRUFCQzVENkU5MUE0NEI2RkUyMzU4QzR8R0ZZbU9zZnZyOXwxNjk1MTU5MjAzMDU4fDF8WG1KVFAyNDVlMHxYUks4TjRSd2FpfC0xMDI3MDQ2OTJfRVh8NDQ1NjB8fHx8LjBQfFVTRA&c=DE&dt=2dt0005&sd=xgcartoon.com&cip=1&hmt=1&uidu=CAESEN6w_ovplEbnqdFWvhvmgM8&spidu=GOOGLE&pidu=10096&hmpvu=62959ece-1398-483d-80fc-b098109e2f44&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRK8N4Rwai&

Requested by

Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:8200:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
date: Sun, 17 Sep 2023 23:44:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 164934
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: _mmeBX5bJMjYwcE1ECKdpZY2lP5NXgrehKkczfJelCIvAknkHwCjWQ==

GET
H2 200 XassetJtVGFj2g.png
ads.w55c.net/t/d/ Frame C2CE 29 KB
30 KB 153ms
45ms Image
image/png 2600:9000:2491:f400:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetJtVGFj2g.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=RDZBMzcyRjNCRUFCQzVENkU5MUE0NEI2RkUyMzU4QzR8R0ZZbU9zZnZyOXwxNjk1MTU5MjAzMDU4fDF8WG1KVFAyNDVlMHxYUks4TjRSd2FpfC0xMDI3MDQ2OTJfRVh8NDQ1NjB8fHx8LjBQfFVTRA&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMSMwLjM1MTI5OTV8SUFCMTkjMC4xMzc4NDc3MnxJQUIxOS0xNyMwLjEzNzg0NzcyfElBQjktMjgjMC4xMzc4NDc3MnxJQUIxLTUjMC4xMzc4NDc3MnxJQUI5IzAuMTM3ODQ3NzI&ci=Xm5m1vekkx&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&ts=1695159203060&c=DE&r=NW&m=0&pc=59302&epid=R0wxMDA5Ng&mi=d2Vi&wp_exchange=NWP
Requested by: Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:f400:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c5275956fa1bf68a0418dddb092a5881af6b6be10f6dca54dfacda6ba41992a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 8SPBXJhT_RiSNmerbyVsLrwEkkTx88nO
date: Tue, 19 Sep 2023 08:42:09 GMT
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 46275
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 29942
x-amz-meta-height: 90
content-length: 29942
last-modified: Thu, 15 Jun 2023 15:29:43 GMT
server: AmazonS3
etag: "1ff110a85bc3d8deeb9bac4954656b3b"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 3JkfKzz4hIMk4VXRgICsjrJ0xufj0JnpMq-lVZynISKppi8mzm3Fsw==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame C2CE 95 B
928 B 287ms
69ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=3594204078075656
Requested by: Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 Mumbai, India, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 21:33:21 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Fri, 16 Sep 2033 21:33:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame C2CE 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js

Requested by

Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 17:26:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame C2CE 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 19:58:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C2CE 0
0 114ms
48ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQJgVuzGOO6FYJuwfIQUiC_qZVJTbE-crHlAviiCeWLUGYnsCIeitp80MPjFkVGGGgxucgchfF_ztK1ZKUFIOawxV3Dw
Requested by: Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C2CE 24 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 07:26:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Sep 2024 07:26:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2CE 182 KB
57 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H3 200 container.html Show response
bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1256 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309180101/pubads_impl.js?cb=31077994

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:23 GMT
expires: Wed, 18 Sep 2024 21:33:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AEDC 13 KB
5 KB 45ms
44ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 17:32:10 GMT
expires: Wed, 18 Sep 2024 17:32:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 750F 829 B
768 B 87ms
52ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e07060d456ef3bd806091f35cc369f1dc239ca4fa2e1c43a1cc1107a1e5ea05

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IcckGa2XU2RMjWIBuNABPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 539
content-security-policy: script-src 'report-sample' 'nonce-IcckGa2XU2RMjWIBuNABPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:23 GMT
expires: Tue, 19 Sep 2023 21:33:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD50 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVdUmGdm_KmYAXxO3v4-Tv7R3moCufZhLV_BVesKdJ8DwE-F61doRK1KX4mBLX1XktoIhrKqOU86VM1TUH1vFBqgTSXyDdQu3ZtGRaMovI_ZR_N1ccVzg-ftwINRj8lU-DyBv9ce9c3okmtxib9061OJcpc3Bc5frhy9JxKAN8kUmA8XmFz6vjOOuXGQQn_V0z-TkPBEudsLwY6A0nU639smq12wF45MzZ2UYohesiapXkjJpokZKiku6oQQ9FQ8uF95o_cmRZ5pvQJqT3fxUdQuAXIKYfJiLveTEpTxnCf78ROyc4M1JkcQUtdg15eSuyx5D8NKyaGfkFCvpE-QBWKheWOUv2nrdnNTzIZAg&sai=AMfl-YS95GNPnVUrzwlKI-x4T7PpNzUf4Br-P3-yQIrqmbe1e5muUVQs1J7VR31ZfVoAmnwBouRbk_zCFK01m7c8QxRh2xNwVysvsWP5jA&sig=Cg0ArKJSzK_jUYY9Awx6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com
URL: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AD50 144 KB
49 KB 136ms
135ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9236c342bce6028e8b1b5ca7f7a359175dd77779095b57617b5566e30d58b979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50601
x-xss-protection: 0
server: cafe
etag: 6376961869229928026
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame AD34 2 KB
3 KB 178ms
75ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hpsv6fgs42jnssbn4jee6xtfwtz6tmr03vcj7mhkbf9fgxq9evb4z2qc5h802rq4b8gtajas3etp848r63khy901fnnr48hq2svgy2q6stan4pkqxv3kqey4szrere7s1q3szkx71gyr11ah72nqxffzn0j2weewbv5yw97mn0n3vjn9y4e2p8gxk9fa0114mvca6n7jcnvca198hc3yr4mjdh98zf4f0ye39egc7qydft1zd9kmw1e1x6gb4m8g015q0v7yqwk4z277e0qdgcpqgc3pt4p1wp9na67w3qhw0yg7k9r5bbfv5vdzavg2az6z8w52321kn06mycj2mwcvw7fp7ejs2bkg79d39t5xkzgz9qwbysr00j3prbq3xeqfsedf94evtenrmt75041cmw85k9v5tejw8r9330s4k414sy8wvxccj88n4j1a1gm46w578&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11be2e3900ce3217df5fc10ba44e69a0200baffb343fc242ebd923e0cfb8d2df

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8094f25e48c9364d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 1256 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js

Requested by

Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 17:26:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8CBB 1 KB
643 B 42ms
40ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 02:28:53 GMT
etag: 48472445140208031
expires: Wed, 20 Sep 2023 02:28:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 1256 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 19:58:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1256 0
0 48ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDfaHyFIGuQDCvcllDOKHL0NvRFhtKhFzdYpgHPLxh3RaTheaaJuHmFaPdlT8Pppbs3zwq7JlaZ_5Mn73e_vgAlvCRCQ
Requested by: Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1256 24 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 07:26:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50833
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Sep 2024 07:26:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1256 182 KB
57 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DF0 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 12:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 12:37:50 GMT

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame B7C0 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 12:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 12:37:50 GMT

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame AEDC 37 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 12:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 12:37:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 876F 0
0 75ms
74ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309140101&jk=3145686858935280&rc=
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4327 0
0 75ms
74ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309140101&jk=278733757820323&rc=
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 750F 0
0 74ms
73ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309180101&jk=3892060698215008&rc=
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 8CBB 70 B
265 B 189ms
57ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEArpLyWx2ofsKLkb2zPa4UY&google_cver=1&google_push=AXcoOmT_Bn60r6UT5Nu4T0fAZJGsykPEDciEtW_UHrZKM0Av8jmfZFCrGsvLJirBXfMuC37dHAWOpxKmjsD8wQG1EpriYajqQEGoKQ
Requested by: Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8CBB
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG3f_SlQc-ISN5KchSbkfiI&google_cver=1&google_push=AXcoOmSF-P-7yGTiYvAZI360zNytKOoZwVFQyskFvFclNPnwWf3NU1xkWLkAhElSRkle2Weyn7c82PGpM0D...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSF-P-7yGTiYvAZI360zNytKOoZwVFQyskFvFclNPnwWf3NU1xkWLkAhElSRkle2Weyn7c82PGpM0DpofZRn5HSUOu3Q122dw&google_hm=16DkE-dYQFavRzRYet...

170 B
329 B

50ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSF-P-7yGTiYvAZI360zNytKOoZwVFQyskFvFclNPnwWf3NU1xkWLkAhElSRkle2Weyn7c82PGpM0DpofZRn5HSUOu3Q122dw&google_hm=16DkE-dYQFavRzRYet0TVGw

Requested by

Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSF-P-7yGTiYvAZI360zNytKOoZwVFQyskFvFclNPnwWf3NU1xkWLkAhElSRkle2Weyn7c82PGpM0DpofZRn5HSUOu3Q122dw&google_hm=16DkE-dYQFavRzRYet0TVGw
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8CBB
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAwj_gAieac0CRlxJascPI4&google_cver=1&google_push=AXcoOmQjK1uaVBmqHQt4S1jb5Q-89LjmLnGgVBR3ifoL9pyu5PjdYzX20CpT2iaLMA3bJIk7oBJ-s4E-zcpF-g...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDY1MzMzODQxMjUxMzQzMA%3D%3D&google_push=AXcoOmQjK1uaVBmqHQt4S1jb5Q-89LjmLnGgVBR3ifoL9pyu5PjdYzX20CpT2iaLMA3bJIk7oBJ-s4E-zcpF-gLpZb...

170 B
232 B

51ms
51ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDY1MzMzODQxMjUxMzQzMA%3D%3D&google_push=AXcoOmQjK1uaVBmqHQt4S1jb5Q-89LjmLnGgVBR3ifoL9pyu5PjdYzX20CpT2iaLMA3bJIk7oBJ-s4E-zcpF-gLpZbN4SjbnLQrn5w

Requested by

Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4MDY1MzMzODQxMjUxMzQzMA%3D%3D&google_push=AXcoOmQjK1uaVBmqHQt4S1jb5Q-89LjmLnGgVBR3ifoL9pyu5PjdYzX20CpT2iaLMA3bJIk7oBJ-s4E-zcpF-gLpZbN4SjbnLQrn5w
Date: Tue, 19 Sep 2023 21:33:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame 8CBB 43 B
146 B 143ms
41ms Image
image/gif 18.197.176.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPPP-lJEJApxfGVL9KpcZ4U&google_cver=1&google_push=AXcoOmRbOAGNpkQDgSzAOf4k3m91jwCpsj_fbw7Ceyl-2o6i5NQsmGx8TafcTf1I0EzF25SOnYrSeCkG2LsNqvjfVoYfb3J71mVOGQ
Requested by: Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.176.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-176-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8CBB
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OxoQ3ssTRXq2nWPx2ksueg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

51ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OxoQ3ssTRXq2nWPx2ksueg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRiNS_Ef_RNcXagLzva00RN7tT3lL7uD0TICUb5zFp6dI5AFbc-kX_dW2G3fUPqk1A2LCAQ3I5ynVV5wgzWpWj8Bd_pCSbltQ

Requested by

Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OxoQ3ssTRXq2nWPx2ksueg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRiNS_Ef_RNcXagLzva00RN7tT3lL7uD0TICUb5zFp6dI5AFbc-kX_dW2G3fUPqk1A2LCAQ3I5ynVV5wgzWpWj8Bd_pCSbltQ
date: Tue, 19 Sep 2023 21:33:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 8CBB 0
235 B 168ms
58ms Image
text/plain 2600:9000:211e:8600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELDYwlZPHSR7OpNrxUfwb3I&google_cver=1&google_push=AXcoOmTacTUZ0_vsySOM3l42PFjBBB6Rl_SgrnBtL5s63SuhQdzxN-l3uBhwlk7exStJQ6OIH4xvuxoVS3_H3Fja1SGBJ-U9PgVsrw
Requested by: Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:8600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
cache-control: no-cache, must-revalidate
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Ohebtwx3lpastE3VoW4qIChGtC9IWfhIk8K8N24lg8G5qwkI2mJ7vA==
x-cache: Miss from cloudfront

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8CBB
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=cc858898-0cc0-4044-800e-e62f2a836e98&google_cver=1&google_gid=CAESED30eo7_uz7ix0emm--kbek&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
232 B

51ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=cc858898-0cc0-4044-800e-e62f2a836e98&google_cver=1&google_gid=CAESED30eo7_uz7ix0emm--kbek&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSghp2zs81JpnpyfCnL3DnNUZWU1SlqwgYqU5AArZjt_gpAsI6LJSmdaxK7nd6Ne65j6NAWDSdcj9oDreGVLuf7V5oMq5bMvw&gdpr=${GDPR}

Requested by

Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=cc858898-0cc0-4044-800e-e62f2a836e98&google_cver=1&google_gid=CAESED30eo7_uz7ix0emm--kbek&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSghp2zs81JpnpyfCnL3DnNUZWU1SlqwgYqU5AArZjt_gpAsI6LJSmdaxK7nd6Ne65j6NAWDSdcj9oDreGVLuf7V5oMq5bMvw&gdpr=${GDPR}
date: Tue, 19 Sep 2023 21:33:23 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8CBB 0
139 B 153ms
46ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDevlxMSz4UPuwZw_qGtJIewFxstUoBPCBu-QNS5wCo4RzMwZLNrOirvmCCjA8fMl5w_xSkw

Requested by

Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C015 1 KB
643 B 48ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 02:28:53 GMT
etag: 48472445140208031
expires: Wed, 20 Sep 2023 02:28:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C2CE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5243918c5de6b1d345562e0aeb648cb096a12f12903be9d70af67e1a53a7b68

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C2CE 0
0 95ms
94ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cj02MohMKZbqpOsyn9u8Pq_2vqA66iLSPXJzX7u6pCMCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJ4AIAqAMByAMCqgSsAk_QEkyPg3-r7GuGKv0Pg45oTv2R2iM4yEAUyvkh9Bm1gFD8g7H3nuOd80sgPp6PVnfcP1tnDbDPLzLY-PH-fYIeB9HruUP15yJGsDmOIDD0Cp17Ls7qpeyfKrFpJhDN86USQJONvwpE-36PpiE_bna29psQZ9166rkGiXEzaeMHUqpNOCTvje1R9AbUltWi6PZhdqk9bCE-ZdSRtp1Y4WRunBBNgyTKh5i4ibII5usCDjK7AgT3A5sW312c3R3wpKx4WHeyGSrXY8L-1mzaOcG2T4dLLWwPU4BgIxUk0yZwaOIUMEjaTj_xkGTHysIo8fAEflzTJV-tv48YVQmxh54zxLGvq3wOtcTmRjvE3244V3xv879pfBsjjx7ZUzpMwpGYi6MVp9xPqqluKOAEAYAGtrny8N7048SLAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=X2FA4aHELGE&uach_m=[UACH]&cid=CAQSKQBpAlJWk2Nwa1jasMG4wsC8hyx6g2RASUcEnjtwmKS3e4puY51yHX-uGAE&cbvp=2&vis=1
Requested by: Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H/1.1 200 a.gif
i.w55c.net/ Frame C2CE 42 B
582 B 187ms
43ms Image
image/gif 35.157.117.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=RDZBMzcyRjNCRUFCQzVENkU5MUE0NEI2RkUyMzU4QzR8R0ZZbU9zZnZyOXwxNjk1MTU5MjAzMDU4fDF8WG1KVFAyNDVlMHxYUks4TjRSd2FpfC0xMDI3MDQ2OTJfRVh8NDQ1NjB8fHx8LjBQfFVTRA&ei=GOOGLE&wp_exchange=ZQoTogAOlLoH_ZPMAAv-q0aCo1MOFFGlKXpHag&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMSMwLjM1MTI5OTV8SUFCMTkjMC4xMzc4NDc3MnxJQUIxOS0xNyMwLjEzNzg0NzcyfElBQjktMjgjMC4xMzc4NDc3MnxJQUIxLTUjMC4xMzc4NDc3MnxJQUI5IzAuMTM3ODQ3NzI&ci=Xm5m1vekkx&fiu=WG1KVFAyNDVlMA&fid=XmJTP245e0&sd=xgcartoon.com&s=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguoguochengzhangriji4kguoyu-wangzhaobing&ts=1695159203060&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=NW&m=0&pc=59302&rnd=3594204078075656&epid=R0wxMDA5Ng&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dm=MU1PcTFSYndWSA&l=emh8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=1&euid=Q0FFU0VONndfb3ZwbEVibnFkRld2aHZtZ004&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=WtG8RgXwV_Evh7H5ZgJqwQ&buid=Xdb4DXiaK1Q&dv=MUxWSXJn&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEN6w_ovplEbnqdFWvhvmgM8&spidu=GOOGLE&pidu=10096&hmpvu=62959ece-1398-483d-80fc-b098109e2f44&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XRK8N4Rwai&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2

Requested by

Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.117.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-117-145.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-788-gfcd4f77#rel-ec2-master i-064d20a31ca5f1852@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Sep 2023 21:33:23 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-788-gfcd4f77#rel-ec2-master i-064d20a31ca5f1852@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame AD34 115 KB
14 KB 53ms
52ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hpsv6fgs42jnssbn4jee6xtfwtz6tmr03vcj7mhkbf9fgxq9evb4z2qc5h802rq4b8gtajas3etp848r63khy901fnnr48hq2svgy2q6stan4pkqxv3kqey4szrere7s1q3szkx71gyr11ah72nqxffzn0j2weewbv5yw97mn0n3vjn9y4e2p8gxk9fa0114mvca6n7jcnvca198hc3yr4mjdh98zf4f0ye39egc7qydft1zd9kmw1e1x6gb4m8g015q0v7yqwk4z277e0qdgcpqgc3pt4p1wp9na67w3qhw0yg7k9r5bbfv5vdzavg2az6z8w52321kn06mycj2mwcvw7fp7ejs2bkg79d39t5xkzgz9qwbysr00j3prbq3xeqfsedf94evtenrmt75041cmw85k9v5tejw8r9330s4k414sy8wvxccj88n4j1a1gm46w578&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hpsv6fgs42jnssbn4jee6xtfwtz6tmr03vcj7mhkbf9fgxq9evb4z2qc5h802rq4b8gtajas3etp848r63khy901fnnr48hq2svgy2q6stan4pkqxv3kqey4szrere7s1q3szkx71gyr11ah72nqxffzn0j2weewbv5yw97mn0n3vjn9y4e2p8gxk9fa0114mvca6n7jcnvca198hc3yr4mjdh98zf4f0ye39egc7qydft1zd9kmw1e1x6gb4m8g015q0v7yqwk4z277e0qdgcpqgc3pt4p1wp9na67w3qhw0yg7k9r5bbfv5vdzavg2az6z8w52321kn06mycj2mwcvw7fp7ejs2bkg79d39t5xkzgz9qwbysr00j3prbq3xeqfsedf94evtenrmt75041cmw85k9v5tejw8r9330s4k414sy8wvxccj88n4j1a1gm46w578&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 992610
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dl5sCrY6ig2oQDUUD0eHuSuKzfPqu1xmJOVqUb6Z88kofBLhBT3LhQGL6pX6LlR20uHFSvWuXwJyU21vwWrTFE7d0qW6yiwQLHDrUZGlR%2FPF2jr%2Fph5pm6yrFWKtZf49Vmt02ZbZ7LQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 8094f25ef9cb364d-FRA
expires: Tue, 19 Sep 2023 22:33:23 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame AD34 25 KB
10 KB 68ms
58ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hpsv6fgs42jnssbn4jee6xtfwtz6tmr03vcj7mhkbf9fgxq9evb4z2qc5h802rq4b8gtajas3etp848r63khy901fnnr48hq2svgy2q6stan4pkqxv3kqey4szrere7s1q3szkx71gyr11ah72nqxffzn0j2weewbv5yw97mn0n3vjn9y4e2p8gxk9fa0114mvca6n7jcnvca198hc3yr4mjdh98zf4f0ye39egc7qydft1zd9kmw1e1x6gb4m8g015q0v7yqwk4z277e0qdgcpqgc3pt4p1wp9na67w3qhw0yg7k9r5bbfv5vdzavg2az6z8w52321kn06mycj2mwcvw7fp7ejs2bkg79d39t5xkzgz9qwbysr00j3prbq3xeqfsedf94evtenrmt75041cmw85k9v5tejw8r9330s4k414sy8wvxccj88n4j1a1gm46w578&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18171
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66rPt%2B57dJC3WXUoL1X8hCm9IiuAiKgwpZRozVe%2BUOmJ0miPEX1%2FOl%2FjTF0lVh8z56yx28poIvhm8Cw5GLHdRnR2gPPU%2FXtkxWKQ38wLsaDMydLHcdcaGdLMv9%2FRwcQPCyXEUZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8094f25f09dd364d-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Sep 2023 16:30:22 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/ Frame AD50 379 KB
129 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fd71256053f3bb91eca8b987eff43c3bbba168fb2c09ba8fcee04f7d5431a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131559
x-xss-protection: 0
server: cafe
etag: 12670464520371071104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame DBA0 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046732&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159202633&bpp=295&bdt=248&idt=557&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&is_amp=1&correlator=54&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2934163405&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31077698%2C44800659%2C44798323&oid=2&pvsid=3278015393583231&tmod=10187715&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w4v8eictjy61&fsb=1&dtd=573

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 17:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 17:26:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame DBA0 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5693
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Oct 2023 19:58:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DBA0 0
0 48ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHjw9mGaDXe-D8zsWcqCLdXxWYd1WHhhNCMDcCzRC3L0Ii8nWxvbvX-Em13TdZEIUMbqAY6xx3vv4_qvIJ_sMTQjuRdQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046732&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159202633&bpp=295&bdt=248&idt=557&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&is_amp=1&correlator=54&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2934163405&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31077698%2C44800659%2C44798323&oid=2&pvsid=3278015393583231&tmod=10187715&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w4v8eictjy61&fsb=1&dtd=573
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBA0 182 KB
57 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 21:33:23 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame C015 35 B
463 B 149ms
42ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPVKpvaYF2Pi-t-GUNer41g&google_cver=1&google_push=AXcoOmRsoakuvbM9LFVMIGCrDFNPzG-ItPNg-HH1Dj-TKssfdnTzGd6SujvmuUkEQoRfTPU7LoLXNayFJ75xgTxfY35uxVhcj0vP

Requested by

Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C015
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEK-PUVr7IQMFRQ7JZ7sMIfc&google_cver=1&google_push=AXcoOmTi-wKjq0pXux8DgHcjxzvLUgAj1TCPHlyzUhcuH4MuiVCfWZhA4q8OeqVLTqwhTGdv-eu4GHn5VTsZENHY1gZr9QyOFA2F
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69ABA07BFEA041508961D73AF1047730&google_push=AXcoOmTi-wKjq0pXux8DgHcjxzvLUgAj1TCPHlyzUhcuH4MuiVCfWZhA4q8OeqVLTqwhTGdv-eu4GHn5VTsZENH...

170 B
188 B

48ms
48ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69ABA07BFEA041508961D73AF1047730&google_push=AXcoOmTi-wKjq0pXux8DgHcjxzvLUgAj1TCPHlyzUhcuH4MuiVCfWZhA4q8OeqVLTqwhTGdv-eu4GHn5VTsZENHY1gZr9QyOFA2F

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Sep 2023 21:33:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69ABA07BFEA041508961D73AF1047730&google_push=AXcoOmTi-wKjq0pXux8DgHcjxzvLUgAj1TCPHlyzUhcuH4MuiVCfWZhA4q8OeqVLTqwhTGdv-eu4GHn5VTsZENHY1gZr9QyOFA2F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 18 Sep 2023 21:33:23 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame C015 70 B
264 B 60ms
57ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEArpLyWx2ofsKLkb2zPa4UY&google_cver=1&google_push=AXcoOmTjQfHLI1-r1EyuKSnrzv5_YPb0Z-VLBT6eT3UoD48icTEr3FifQ5w9knLEgUFCk5GyKqjja0H09pihRYi9DsMynibMYbB0
Requested by: Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C015
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG3f_SlQc-ISN5KchSbkfiI&google_cver=1&google_push=AXcoOmRMg3z-wPOLIYafzOvFXveSnmDF2ef5gxgcjE8eB0TKmwOwGKUnHsHRbHzpRhxAJ0I2Q2xpADfWt7e...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRMg3z-wPOLIYafzOvFXveSnmDF2ef5gxgcjE8eB0TKmwOwGKUnHsHRbHzpRhxAJ0I2Q2xpADfWt7e43L40ZTZjuF7mq3L3&google_hm=16DkE-dYQFavRzRYet0TVGw

170 B
232 B

51ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRMg3z-wPOLIYafzOvFXveSnmDF2ef5gxgcjE8eB0TKmwOwGKUnHsHRbHzpRhxAJ0I2Q2xpADfWt7e43L40ZTZjuF7mq3L3&google_hm=16DkE-dYQFavRzRYet0TVGw

Requested by

Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRMg3z-wPOLIYafzOvFXveSnmDF2ef5gxgcjE8eB0TKmwOwGKUnHsHRbHzpRhxAJ0I2Q2xpADfWt7e43L40ZTZjuF7mq3L3&google_hm=16DkE-dYQFavRzRYet0TVGw
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame C015 43 B
145 B 43ms
40ms Image
image/gif 18.197.176.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPPP-lJEJApxfGVL9KpcZ4U&google_cver=1&google_push=AXcoOmR1w2NRl8qmuNxxYicoBq3SSlhNbRVcq1ow5gDLxuT4OZuLsPEfrvQyxTpDEEMn3vS_yQASr2gPksAKyReYtOmAxNRlGHk0
Requested by: Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.176.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-176-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C015
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEH430nkc0c6n-9GFBVSVM08&google_cver=1&google_push=AXcoOmSetsx4p_kGoshLtUmq3qIbhLmYOHcSdv2BM7t-oBO1v4IyZhriwpFK-0agBwzsUmd5SYT9FSqy...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEH430nkc0c6n-9GFBVSVM08&google_cver=1&google_push=AXcoOmSetsx4p_kGoshLtUmq3qIbhLmYOHcSdv2BM7t-oBO1v4IyZhriwpFK-0agBwzsUmd5SYT...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE5NTAxNzQyODUyNzYxMTU4OA&google_push=AXcoOmSetsx4p_kGoshLtUmq3qIbhLmYOHcSdv2BM7t-oBO1v4IyZhriwpFK-0agBwzsUmd5SYT9FS...

170 B
188 B

66ms
66ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE5NTAxNzQyODUyNzYxMTU4OA&google_push=AXcoOmSetsx4p_kGoshLtUmq3qIbhLmYOHcSdv2BM7t-oBO1v4IyZhriwpFK-0agBwzsUmd5SYT9FSqyohsFAOmEETTzKjGYSeo

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODE5NTAxNzQyODUyNzYxMTU4OA&google_push=AXcoOmSetsx4p_kGoshLtUmq3qIbhLmYOHcSdv2BM7t-oBO1v4IyZhriwpFK-0agBwzsUmd5SYT9FSqyohsFAOmEETTzKjGYSeo
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C015
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAdJZWlIMf6fxgEZY2-gncU&google_cver=1&google_push=AXcoOmR-UbPIa8Qw2ccBeV3TlisvcfSgRMx06DO3K46Pq7VJ8HKtDH7VT3NYtYbKNYNyg1tNjmeYp-_EyiWy...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-UbPIa8Qw2ccBeV3TlisvcfSgRMx06DO3K46Pq7VJ8HKtDH7VT3NYtYbKNYNyg1tNjmeYp-_EyiWydAkg2vEgizZLtm4

170 B
188 B

49ms
49ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-UbPIa8Qw2ccBeV3TlisvcfSgRMx06DO3K46Pq7VJ8HKtDH7VT3NYtYbKNYNyg1tNjmeYp-_EyiWydAkg2vEgizZLtm4

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR-UbPIa8Qw2ccBeV3TlisvcfSgRMx06DO3K46Pq7VJ8HKtDH7VT3NYtYbKNYNyg1tNjmeYp-_EyiWydAkg2vEgizZLtm4
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C015 0
40 B 49ms
47ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JF6kk60BUHu_kN1yCNvGriQvBeHygvmLXA-apSgwdpo9ulv2Qy9KUKqJh2Es8B3TCI38mK

Requested by

Host: 497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
URL: https://497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame A532 2 KB
3 KB 65ms
64ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1grbps6n4nmzgp6qkk682s0cd5wq5qzpkmqcxgg6qx4ap475dk02hw073ahq9xkc8r23jd5t7xc0mb3jc79awgwxqaxkkxdtwwm7g7yks7e6qb99evy7ggqzaywwgrre0vzpavamxhm1wzeaj4aqcfhjq0zcpf4evqvxe5q95nyvhqderdcx4a9ka06xjhg3g9wstqssqn887teqj612w7eapdjkkxy6q8a1vhs89s185swad1d50x4ppc23d877rst1mvwskqq8r51rx5mm27y9gnwbv565wqz19chn7hsgdfddp2p3hpx41vqpja77579fkym3nwvqwejzxnxz8e156cjxm9memhgdnp34zvpgn692y81azrbpzsxbnpj3w8gjvcbm25qts32483mwqbq281tp400yaye92n4jnqmshnz13p3wjbswfvt60sdrx0thzfw218&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad6d935aff08e961d9ca2f7ab8200530622c16a5f117cb45715095999cdbf27d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8094f25fabf937f5-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:23 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B0E1 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 02:28:53 GMT
etag: 48472445140208031
expires: Wed, 20 Sep 2023 02:28:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1256 0
0 85ms
84ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs8g_oxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgSyAk_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLc82XViGc3WICdoXopsCOuZUK5kIUKY8-gcsDAU0u7gvyeg9tbUUOAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=SmeraKw5I60&uach_m=[UACH]&cid=CAQSKQBpAlJWXKqwsRG1XF83185nZunWiXq_P75kQtTHhNHRunAFTHjTG0KoGAE&cbvp=2&vis=1
Requested by: Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 1256 0
103 B 148ms
49ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kkgkeaxy5ssbteh7fj86vfk01t8nne9vtqkppsmw1rtm9y5gjexm1tt0k6fqvkpa9g0v9n5nbgrd2847stf7sb9pwh7a3102dkr1f26a1b4719ehz67gkc695z4584kk1q8sz760005s6ryxm6w52jcmqj8zxbbs2zw04ptk8wxx7ck0pxprxsmjs526165a60wnbp7t5bk16t4br3qqha3r3akgktswx29h8ha5waegt0f0783t2e6e8nqe6w77131rzb9bm5a4kgddvp8wv5gxkzhdcef1w5r91eewahdtvfbn1hg43018y99hz1zrspzh7ntvf76xng7nxr5592t1y1qs64j2qeb0wjj085vjcqyqe84v4mhtak7qdy9cameffearq0rpy8&b=ZQoTowABbegK4B7MAA42X_C4VIMnyjwq6UZutA&cbvp=2
Requested by: Host: bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
URL: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Sep 2023 21:33:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame DBA0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d6a5d91b552c6e2bea5a3cc86e97e1384de7b29c7ed4c3473da6be0e919d4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame 4437 2 KB
1 KB 51ms
50ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1845088
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 8094f2602cb437f5-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 19 Sep 2023 21:33:23 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPkgpgNGeS%2BgZ6BbUpi30iyAm4DNst1mJ8k2LSZrjGJTefJ4f6s7CwP0XhMBwI23Nv4Mu6AK%2FtDU9THanT7n5n%2BcHWo4RyfB6%2FWik5yRzSvJ4a%2B7MnbiDfG%2FmauD8pE2gC4uHvw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B7C0 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3Edd_A
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame A532 115 KB
14 KB 52ms
51ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1grbps6n4nmzgp6qkk682s0cd5wq5qzpkmqcxgg6qx4ap475dk02hw073ahq9xkc8r23jd5t7xc0mb3jc79awgwxqaxkkxdtwwm7g7yks7e6qb99evy7ggqzaywwgrre0vzpavamxhm1wzeaj4aqcfhjq0zcpf4evqvxe5q95nyvhqderdcx4a9ka06xjhg3g9wstqssqn887teqj612w7eapdjkkxy6q8a1vhs89s185swad1d50x4ppc23d877rst1mvwskqq8r51rx5mm27y9gnwbv565wqz19chn7hsgdfddp2p3hpx41vqpja77579fkym3nwvqwejzxnxz8e156cjxm9memhgdnp34zvpgn692y81azrbpzsxbnpj3w8gjvcbm25qts32483mwqbq281tp400yaye92n4jnqmshnz13p3wjbswfvt60sdrx0thzfw218&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1grbps6n4nmzgp6qkk682s0cd5wq5qzpkmqcxgg6qx4ap475dk02hw073ahq9xkc8r23jd5t7xc0mb3jc79awgwxqaxkkxdtwwm7g7yks7e6qb99evy7ggqzaywwgrre0vzpavamxhm1wzeaj4aqcfhjq0zcpf4evqvxe5q95nyvhqderdcx4a9ka06xjhg3g9wstqssqn887teqj612w7eapdjkkxy6q8a1vhs89s185swad1d50x4ppc23d877rst1mvwskqq8r51rx5mm27y9gnwbv565wqz19chn7hsgdfddp2p3hpx41vqpja77579fkym3nwvqwejzxnxz8e156cjxm9memhgdnp34zvpgn692y81azrbpzsxbnpj3w8gjvcbm25qts32483mwqbq281tp400yaye92n4jnqmshnz13p3wjbswfvt60sdrx0thzfw218&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 992610
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWEgP2a73eO0YfmGtsXnpgTOGa%2B4hhh173qAcbtbelwFObK1KmllRPDuILx7iM3k6vtQT4z5SbWDmR9IeIfpTBLRy%2BUeJjluG%2FUIR%2B0Vw9v%2FcTN4KprC7XZVxDrbrukM09wJPZ6l3kM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 8094f2603cca37f5-FRA
expires: Tue, 19 Sep 2023 22:33:23 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame A532 25 KB
10 KB 91ms
90ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1grbps6n4nmzgp6qkk682s0cd5wq5qzpkmqcxgg6qx4ap475dk02hw073ahq9xkc8r23jd5t7xc0mb3jc79awgwxqaxkkxdtwwm7g7yks7e6qb99evy7ggqzaywwgrre0vzpavamxhm1wzeaj4aqcfhjq0zcpf4evqvxe5q95nyvhqderdcx4a9ka06xjhg3g9wstqssqn887teqj612w7eapdjkkxy6q8a1vhs89s185swad1d50x4ppc23d877rst1mvwskqq8r51rx5mm27y9gnwbv565wqz19chn7hsgdfddp2p3hpx41vqpja77579fkym3nwvqwejzxnxz8e156cjxm9memhgdnp34zvpgn692y81azrbpzsxbnpj3w8gjvcbm25qts32483mwqbq281tp400yaye92n4jnqmshnz13p3wjbswfvt60sdrx0thzfw218&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 18171
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5l0HO%2BVapsOgR2%2Fb%2BxhRDGBq5EetR0oDbpQfl1ZVjNX5gtAMx0YhGv8AuSb5mEYKIA9Pv%2FFxa9hnLcDuiRAn2mKf75ynodOhBuFCJ2MU9GMA%2B4BO1iGRQbDBvBZshaaOkj38qfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8094f2603ccd37f5-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Sep 2023 16:30:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0E1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEK-PUVr7IQMFRQ7JZ7sMIfc&google_cver=1&google_push=AXcoOmQJGF3Xgl05mo-sXJrTGlHgOeLH5YVALX_hmo5X6UexpCQYsNLTmXk5x88XGOx93OwzXOwd-dvapUEyWVPKR-SXxqELyxg-fG...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69ABA07BFEA041508961D73AF1047730&google_push=AXcoOmQJGF3Xgl05mo-sXJrTGlHgOeLH5YVALX_hmo5X6UexpCQYsNLTmXk5x88XGOx93OwzXOwd-dvapUEyWVP...

170 B
188 B

120ms
120ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69ABA07BFEA041508961D73AF1047730&google_push=AXcoOmQJGF3Xgl05mo-sXJrTGlHgOeLH5YVALX_hmo5X6UexpCQYsNLTmXk5x88XGOx93OwzXOwd-dvapUEyWVPKR-SXxqELyxg-fGiyFMS-gVHjLqNZ7JdyXT3iTomANMCa2Qc8PDyukdu8Fo0G9Rxf2thM

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Sep 2023 21:33:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=69ABA07BFEA041508961D73AF1047730&google_push=AXcoOmQJGF3Xgl05mo-sXJrTGlHgOeLH5YVALX_hmo5X6UexpCQYsNLTmXk5x88XGOx93OwzXOwd-dvapUEyWVPKR-SXxqELyxg-fGiyFMS-gVHjLqNZ7JdyXT3iTomANMCa2Qc8PDyukdu8Fo0G9Rxf2thM
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 18 Sep 2023 21:33:23 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame B0E1 43 B
145 B 42ms
40ms Image
image/gif 18.197.176.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPPP-lJEJApxfGVL9KpcZ4U&google_cver=1&google_push=AXcoOmTGSkVyBSq1GiVEP24GsGvktwh7Mq-og1bwrt5yjXFRQ8QfaAQYxqdRA3N9MufY60SjpSpkvM8HRRHFV4TLkBLKnpEUWH6UCL19u6A49qbqu7rAIYd7JW1CR9yZw4IRnUVOWZIRbhdEfMnqa-wES3g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046732&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159202633&bpp=295&bdt=248&idt=557&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&is_amp=1&correlator=54&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2934163405&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31077698%2C44800659%2C44798323&oid=2&pvsid=3278015393583231&tmod=10187715&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w4v8eictjy61&fsb=1&dtd=573
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.176.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-176-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0E1
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF2ljgX3YTfMfpDTdLfDZhE&google_cver=1&google_push=AXcoOmRA4F2YWdkMZFaFX-a1mktf7maCun2misq6mdigJvP2uiEsP0gEmowvw3oaebK8a_vBS_Gb70MBAUzksRI9pmEsKZ4...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRA4F2YWdkMZFaFX-a1mktf7maCun2misq6mdigJvP2uiEsP0gEmowvw3oaebK8a_vBS_Gb70MBAUzksRI9pmEsKZ4cd1bHb0dZ67zKAntnLUbXIxUO3E6vFp1yjIt_T...

170 B
188 B

52ms
52ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRA4F2YWdkMZFaFX-a1mktf7maCun2misq6mdigJvP2uiEsP0gEmowvw3oaebK8a_vBS_Gb70MBAUzksRI9pmEsKZ4cd1bHb0dZ67zKAntnLUbXIxUO3E6vFp1yjIt_T07zujZEY7XOO9FFx-g4C_QH&google_hm=eS1GTVBITzlsRTJwRnloUE0yUXNJcm9Ddk9EY3BpaWhCU35B

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Sep 2023 21:33:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRA4F2YWdkMZFaFX-a1mktf7maCun2misq6mdigJvP2uiEsP0gEmowvw3oaebK8a_vBS_Gb70MBAUzksRI9pmEsKZ4cd1bHb0dZ67zKAntnLUbXIxUO3E6vFp1yjIt_T07zujZEY7XOO9FFx-g4C_QH&google_hm=eS1GTVBITzlsRTJwRnloUE0yUXNJcm9Ddk9EY3BpaWhCU35B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame B0E1 43 B
236 B 203ms
115ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFhNfwl5wS1Wz61RK6hSdMw&google_cver=1&google_push=AXcoOmRF9ghliUvNeGqS2fPRekDBrROadDhCizrCHtMgDwTc4UeKhms97MyUWrR9qhD4w-rA8Co1UTl30JhSYXmWuRSsKdgQNU-GbDCy6f1wWBZB_GstnH5gypskH-JaGbGyiaJjrXmwpB7KP7AyneoFcHg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046732&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159202633&bpp=295&bdt=248&idt=557&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&is_amp=1&correlator=54&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2934163405&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31077698%2C44800659%2C44798323&oid=2&pvsid=3278015393583231&tmod=10187715&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w4v8eictjy61&fsb=1&dtd=573
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:24 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0E1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OxoQ3ssTRXq2nWPx2ksueg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

74ms
74ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OxoQ3ssTRXq2nWPx2ksueg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQ8H6il2wDED6vMhQAzLqzu4WRzMY_o-l1SGgRjGqaAQWfbDyhqDcs8Qe9boyYV7_NGQ4MrI8C1cL1-fc0V23bmMznKGiwty3tKhsNuh_QLCGzEI2RHO7_ET3UCl11M0pAD2_XB0hrnabDaiu7jHtPL

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=OxoQ3ssTRXq2nWPx2ksueg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQ8H6il2wDED6vMhQAzLqzu4WRzMY_o-l1SGgRjGqaAQWfbDyhqDcs8Qe9boyYV7_NGQ4MrI8C1cL1-fc0V23bmMznKGiwty3tKhsNuh_QLCGzEI2RHO7_ET3UCl11M0pAD2_XB0hrnabDaiu7jHtPL
date: Tue, 19 Sep 2023 21:33:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0E1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEDqF85HhqjeZo2OZTRd9SM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEDqF85HhqjeZo2OZTRd9SM&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEDqF85HhqjeZo2OZTRd9SM&google_hm=ZQoTpHMSLsPyb5hkf5sFpwAADOcAAAAB&google_nid=index&google_push=AXcoOmRuUDcNiJBNt_GaWdyTC9PLqkquFnGK8...

170 B
188 B

55ms
54ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEDqF85HhqjeZo2OZTRd9SM&google_hm=ZQoTpHMSLsPyb5hkf5sFpwAADOcAAAAB&google_nid=index&google_push=AXcoOmRuUDcNiJBNt_GaWdyTC9PLqkquFnGK86FpZGvlOwjHloPLrAMv9mi115bDC5m6VOyVZZrBcMnx0JKoFCDhM4vRcGNqEOkI0-Q1ukbuSa_cMrai8wLEe4mZvRYIYKN2F25tNUIWthub1nPOrIr8jes8

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHsP2H5b%2BijQ45pzHOcGCu83YNU2mU96Zmfybm2AVOQC0Rt7zkJjs%2B4rIJI09o7Ck9aJ8QjnHTRMFQvLsQKIdbZkaOhRIfBkxlU800wU2I%2F%2FEVS67RJRb41SF%2FBUkUlC3javbVvcqVZFkw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEDqF85HhqjeZo2OZTRd9SM&google_hm=ZQoTpHMSLsPyb5hkf5sFpwAADOcAAAAB&google_nid=index&google_push=AXcoOmRuUDcNiJBNt_GaWdyTC9PLqkquFnGK86FpZGvlOwjHloPLrAMv9mi115bDC5m6VOyVZZrBcMnx0JKoFCDhM4vRcGNqEOkI0-Q1ukbuSa_cMrai8wLEe4mZvRYIYKN2F25tNUIWthub1nPOrIr8jes8
cache-control: no-cache
cf-ray: 8094f2637d449199-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame B0E1
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAdJZWlIMf6fxgEZY2-gncU&google_cver=1&google_push=AXcoOmR5Zn2mpVkFRXzvF9fIh20ICI_Qw6OZBqtuUCBlGJj3oOVGkVjxHIpvNaFy4HjdMsomQ7_WCYOPGNv...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmR5Zn2mpVkFRXzvF9fIh20ICI_Qw6OZBqtuUCBlGJj3oOVGkVjxHIpvNaFy4HjdMsomQ7_WCYOPGNvLmgN_R_LTjAA5vlQ70aYxwMnD6QY96FjqsPlF...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

40ms
40ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B0E1 0
12 B 48ms
47ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LzHDnxS8g1mi3NQT_BHWayTvYkfEncPTA4Utfdcq_PQX7dk86H4Vj45B-5E4EM817qKhSbQA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0DF0 0
10 B 40ms
39ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BxlxYQ
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AEDC 0
10 B 41ms
40ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vDGZuA
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 07F4 603 B
65 B 294ms
293ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3568108137&adf=4198761067&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fe800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159203392&bpp=301&bdt=174&idt=560&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&correlator=2839905337117&frm=8&ife=1&pv=2&ga_vid=1636855247.1695159204&ga_sid=1695159204&ga_hid=677166799&ga_fc=0&nhd=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1913803454&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077704%2C31077970%2C31077857&oid=2&pvsid=4384785029985644&tmod=657798248&uas=0&nvt=1&top=https%3A%2F%2Fwww.xgcartoon.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.9rxer3u5hdfq&fsb=1&dtd=574

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A532 3 KB
4 KB 157ms
51ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 344
x-guploader-uploadid: ADPycdu_bETbAO3L7E3ZwmLe8QxiVBASGCjfRAxwlm_tkXJYko3jNEaJxZb3LISJ1TPqVw-ds5Su5eyQQRqdQCYhbG3a5A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
last-modified: Tue, 21 Jun 2022 12:31:17 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1655814677405990
content-type: image/png
content-language: en
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeRUSQlpFbde%2Foa6E3Ja09%2B5J9zCv3FdeePJL%2FppTI6ksejQ1odGfsZNDXmy512tgvEBoookxz71mG0KvIepdMb0Ey9xy%2BrZZTBc7MdJqC1x82n8oQaHoC5JpJSaxtRW0YSgy79UiM3SvTQmAdLYCLNO"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 8094f261ea143633-FRA
expires: Tue, 19 Sep 2023 21:35:44 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame ADCC 2 KB
1 KB 56ms
55ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1845089
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 8094f2614e3337f5-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 19 Sep 2023 21:33:24 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAPPMrEvkBJWLf%2B28yVk0ZgEviB15tZ1QgXHAUCovWyaaW8BOYXoLGRh8eOjiLGydw774RAxtXqNevqJOeOhPRzZipM18IU9HRKBH93wwDgf3Yh9Uk95Nw9MsKnCElZhsdmLYzM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame AD34 2 KB
2 KB 66ms
66ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbb4712db1f4a180095df35bd472e3f012e57cc18c61b588e3dbd699ee01fa14

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Fi%2F3w3%2BcW8T5GVWjg%2Bqi4QBf3isbfd7OTVoMfN2moWAsdZQI2GepV945gtiXPvshgCixHdlXc4bVmVg5quqUjQlnSM7krjqeJ5s0DM%2B1f0vdL6ZtSBgUgFCh6AR6qjdj4KNqqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8094f2621d02382c-FRA
x-backend-server: aa-reachservice-group-europe-west1-5ggx
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 126ms
80ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8094f2619c70382c-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Sep 2023 21:33:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7qax%2B2VmAfkJoXoXs%2BVJNK0E%2BZ6bwoHhhkoevpTDinC54l3mceTsTOlpieUdYRan%2B2kKqMNfL%2B051w0lqtbD9AWGIy3OA6foXC3%2BNB83gDNI5HNhyz1QeIjOShhqTgUwEzfavA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-5ggx

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 63ms
62ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8094f261bc9a382c-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Sep 2023 21:33:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfY5OgZK6skhN5oqCNROzkscunv77gmb%2FdO9BB54pSVAQZ5k%2BE2UBnniAbxG9%2B2CWXhQzUJ4aQhbYrYfLq3oiZ5NwTBeWReOqLg0F3FP5a3OZzI0hfJZyyvaU7Ss6JEDZ3FaZPk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-5ggx

POST
H3 200 rs Show response
ad4m.at/ Frame A532 1 KB
2 KB 69ms
68ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e8daf2a992c1665964e5e6a11a6ab31b376102dff62058576ca996b6793d3d2

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9%2BO3F5Zr7VNwiYRzVcCYb%2BzAH%2FJA%2BWQi8KqfxKID2tPGpXUxUwyZ6PJ%2BAJCnHd3Be91x5v9%2BP5OygsToEYKIaLVWyXKuW8aySvCeql8HpXcJMhLGY1Qfhh%2BHHZcAjESEVLZUpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8094f2621d08382c-FRA
x-backend-server: aa-reachservice-group-europe-west1-5ggx
alt-svc: h3=":443"; ma=86400

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 490E 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufc57cMU4kFUqMS7UREF-WNu4Rojs5Cm_BKOi1LZDkH6CeXR1v8eCrH_BxytImSW7TPUKOa5VsmtIHXKs0J_feBCg3St0eZC7WLqvKyOCnfa6yuqg10GsMfG5om-z5rTbItWtCqNEroqpUEG32rCkiReV8hFVnTZ-2Z8oGHTXqYbH-9RuBSgvHDUTdEXrjeW_O1WJ3Dn5STD91blAATKkBpLHGRP74PROmsEgDqb2Yiiv4ai-OMNl_NU_xbNmT-UE1jKDcR4BckS7SwFHX582BPI-42MKi65TIDzVybIXeLNBS0LgZYBQXobwOdbXlNr1Psbbt7xkkpiHmb63S7M-dmtNQS1KENFCNbJtdFqtzvo_2_qJN1pqxMnoWc7O4xA-GC2kK-WUAy3xicZF8iZS4lMXRRSvLp7MYZB_SFjcEtAEcVcplUCOn3O_7emX57wjaiBPI9RWNyQBvCIe6b8a8lUWTKG7inwxAoLRYUjZ0IL5RJNiT--Inoz-4ZcMZBny3A21ofAHKFITsoid0NNsBB9EIkJ6tg1UMe_H5rQnS7wQCmn9VOgQ-kEXypOY1MJlBQ2ZpYTQw5WH87i6ec51FpsxET_t42QK2do7XzH6BCK37TfMiSimvFKfPnjwOggFcwMCszejq-ph75m3fpawCwIceNUBb8dtybyEFv0G6ySTuA5aVj0AUM6tZrKYt_DUuC4Q8OtoSKl30ra7laeKXAJ-AYOdNOe4OY1j0STmD2xSLd6kAJI9Cf6mHfxj97aRSXgMaE_13wGHbQPHFsa3vpEF64w48fSBKq7FxxiVuguRPS_AVXGw9wfP34PR3P7elDJ21CVdWWBdxlcPxhf0dAGGlYVqZivVSndCpX56cWuJLRncKb_2SAslZXqg9Um1Kmn4IAWJdNF2cE0K_y6BM2B2QMKTK4bbDXJ5pEMHeklboN6KjdZXtfIUf9GxNQ3QTZlcyqvCyc50vY8WP6zrISlnvKHpu6henXlcrfkArdiXQ1E1v4SbrT4jVzdLeeKgQzRjkaOZr1mblSB1teCC7-ajZ8xFAdsgHdt7N3gSaUHpBxM0pnZ77THJk4hiq991x-Sbag-L7IZNup0DyTrOtbnh9KzqStgq4e7sbbyQ8aAEUl3LMGmtzCeFisHmUj3k96hAyg_w2BTl-ZzKB0275wthAms-E2fQ8lSzodGqhUZMLOF49Wvhn-_YnuKksoV6zSXxEj0aqR-4p52WwsP_OJ9KpkJi8EyfYG_tYNie_awbjpkovGILC6evNPlPj3uO0fUjCDy2Qe_dgC19K-M1T6sg2GStjvWlSw0nYII-2arzBaU-L5hvjY61MpcyXUq86oyzxfRW-65uj7gvK2ksvZ6vS1xTjQJHgwsVMyY2W1_DEOcoF&sai=AMfl-YQ4a0RBjnVDr5t1SqMHEkfLDvbxq8ZlOdcn0yYqrJUwdCxssqwlQXf8NWCS1Sh8giU8sndB-gkA6lw2Qa8yPsiEDemED7yjEQ&sig=Cg0ArKJSzB2bXrt9Mw-WEAE&cid=CAQSGwBpAlJWcM_UAPD0stGJn4RB16DudVcnDd5_QRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695159202268&rpt=881&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Sep 2023 21:33:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DBA0 0
19 B 82ms
81ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC2MqoxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEygFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Vp__EjIHKIgIabYqHJi5fUeOLYPSyfIRhbVDYwvBES7pR6VC4OhgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=aTT6wVRfdyI&uach_m=[UACH]&cid=CAQSKQBpAlJWG2-BieSheI5Un2h41KdrKmvcnvMf5qJoT0acLarZ8eFehsv4GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046732&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159202633&bpp=295&bdt=248&idt=557&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&is_amp=1&correlator=54&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2934163405&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31077698%2C44800659%2C44798323&oid=2&pvsid=3278015393583231&tmod=10187715&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w4v8eictjy61&fsb=1&dtd=573
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Sep 2023 21:33:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame DBA0 0
39 B 52ms
49ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jf3dw45y08hftaeghjktcvz4a9r449j4mcx1ex70dc25r5hg17akafev3azwn6rj8wkb3417dt378ktnbntns60fty0rq6xczybx3ney8vh03pcjapthgtp29mbe2paj1p09yy4a0rawbxbny8dtrjgm6v7addzcy6vr35vkr0rfnfzaadcp3gg0m2tvenyz2afz07jnxf1vn19fw8gpgrs857c7tgthgaqgbktd9qwc0r25erq9q3pmb7pncna7v5gs6w2z8k0jxxxs861g2v5qjr6j69skkwsddq4npr9je1tqx5e0y31w93g4zkmh13g11x8w7tv8v9009nc8g6hyh25btv29vn7p8mfjkt4ef4qvvyx6t9a46qpzcafzvaxxccmc5b1228&b=ZQoTowAEyGAGdhFjAAuICYg8M4p9ARjocg8IBA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046732&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695159202633&bpp=295&bdt=248&idt=557&shv=r20230918&mjsv=m202309140101&ptt=5&saldr=sd&is_amp=1&correlator=54&frm=24&ife=2&pv=2&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=2934163405&scr_x=-12245933&scr_y=-12245933&eid=44759842%2C44759875%2C44759926%2C31077698%2C44800659%2C44798323&oid=2&pvsid=3278015393583231&tmod=10187715&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.w4v8eictjy61&fsb=1&dtd=573
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Sep 2023 21:33:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 279F 9 KB
4 KB 66ms
64ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b518dfddbe5e4efd902999777989736f263dc72fbba8e7c7a6f0b13769c2f7c2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hpsv6fgs42jnssbn4jee6xtfwtz6tmr03vcj7mhkbf9fgxq9evb4z2qc5h802rq4b8gtajas3etp848r63khy901fnnr48hq2svgy2q6stan4pkqxv3kqey4szrere7s1q3szkx71gyr11ah72nqxffzn0j2weewbv5yw97mn0n3vjn9y4e2p8gxk9fa0114mvca6n7jcnvca198hc3yr4mjdh98zf4f0ye39egc7qydft1zd9kmw1e1x6gb4m8g015q0v7yqwk4z277e0qdgcpqgc3pt4p1wp9na67w3qhw0yg7k9r5bbfv5vdzavg2az6z8w52321kn06mycj2mwcvw7fp7ejs2bkg79d39t5xkzgz9qwbysr00j3prbq3xeqfsedf94evtenrmt75041cmw85k9v5tejw8r9330s4k414sy8wvxccj88n4j1a1gm46w578&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8094f2629ffc37f5-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 999E 12 KB
4 KB 73ms
72ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15075ae3b79fc0c8e783744266ebd423b2d9c08f6517ae837b6db78bbab74994

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1grbps6n4nmzgp6qkk682s0cd5wq5qzpkmqcxgg6qx4ap475dk02hw073ahq9xkc8r23jd5t7xc0mb3jc79awgwxqaxkkxdtwwm7g7yks7e6qb99evy7ggqzaywwgrre0vzpavamxhm1wzeaj4aqcfhjq0zcpf4evqvxe5q95nyvhqderdcx4a9ka06xjhg3g9wstqssqn887teqj612w7eapdjkkxy6q8a1vhs89s185swad1d50x4ppc23d877rst1mvwskqq8r51rx5mm27y9gnwbv565wqz19chn7hsgdfddp2p3hpx41vqpja77579fkym3nwvqwejzxnxz8e156cjxm9memhgdnp34zvpgn692y81azrbpzsxbnpj3w8gjvcbm25qts32483mwqbq281tp400yaye92n4jnqmshnz13p3wjbswfvt60sdrx0thzfw218&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8094f262a81937f5-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD50 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPH_OjQKRh17_OL7-Pk27BR_zOHFC2DBtg3x2_21ID59G2-YVtqWsrhwLmWvMwDL0V6hJRHN1OabiZosOM_a-YCyKipWndtSIJb2zi-lcfuqofocpRhs413yJ9P6lzyVf-2lmzEwMH_tfFJQtTy_MdJAAMxqF7gjct3Wvjsiyf-VJ2qXpnU_iQhFnji8zL6RDz7U2sNibtcPQH-dznp9xMy8UqhoQbFDSmJj6s9QXGskVPjKe6cPUBSf8yp3aoG3XTQc9Q9YGZ4xqV3Y9tETOeKUsIO4ZuEalJpPlJV_QMdVkhaFNrBdTT845O60OohrasdNqYJlKmcoHwPnpRc6jAtIS1sI7JFPZHP67RW9sZHQ&sai=AMfl-YRolfCAECejwBeergiKpaQ2hfhn7fZ631W9pfAYLbwnVmwUCCMAQFyT4uqKRCYDN6KZuzVyuYEK3TCozV9hW19bQT7Z_4xV7UN-ug&sig=Cg0ArKJSzOvdZWeQYCQtEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 21:33:24 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AD50 16 KB
12 KB 90ms
89ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230918&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfc6cfc4606af0660bf69fc1b6a6721d1f14f0ef2e3027e7e704515d7d88a620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12013
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 279F 115 KB
14 KB 53ms
52ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 992611
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlTz1yhgeOcGYIA3EM7kBpJ7zJHi0dwuBvQ6Z4Gnnwa15Tsnp%2FyN6tFHdvV6S30Of4gQJhRPmTGOV30FrcGGrLnDnbYrlrzfTJj3o3rbvVXuHJh9KuYqLvoIuUPVkODk6Pt%2FAQp0xS4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 8094f263089637f5-FRA
expires: Tue, 19 Sep 2023 22:33:24 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 279F 2 KB
3 KB 115ms
90ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 790955
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQAYgfSdRfVpCxJNwsdkUQMoHVm0YKCYMGtty296XfUjYsVPxRdthEn4JTWdZvLtk%2Bbyl2r8hSnCp8I9kNI3YDfjEi%2Fpl9nXXw30tFh21Ig8y%2FhNBh9GMvBSFXuJuiGRJ9wE9Uh5wJy4MEpl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2632ff4364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 279F 253 KB
254 KB 112ms
90ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 159313
cf-polished: origFmt=png, origSize=431531
alt-svc: h3=":443"; ma=86400
content-length: 259252
cf-bgj: imgq:85,h2pri
last-modified: Fri, 16 Jun 2023 10:20:07 GMT
server: cloudflare
etag: "16f7fe8ce7119ba0f513f8179ecb2d3a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmNKfajGljZMGgwymm8ZnlDKEfo6xC9M3qpHmRkMc8Fgiagrpe4bUuVBjQTysLsjlUxg7LwWDQTBe76PyURsRV8kwG%2BbnMJ9rBrPJ6cYu1l99dWi%2B1bERVyd5hy20LQxO%2B1eskznHMgr5aVf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2632fef364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 279F 43 B
704 B 207ms
107ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Sep 2023 21:33:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 279F 53 KB
54 KB 109ms
88ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2606237
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LewM%2FqmtQ8pM5wTvPi9YipbYy4I7xulQ3CWL29EF4TXUPe4iCqDInX%2B%2BSnODf3CyYhILKsRIv85IW7NbIVHTYwTkO7DI0Hr3rJs%2BsiR6Tc6ycUBGZApbatMZf80cSAiIBBRY8gSQkvcGiHwn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2632fed364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H2 200 0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame 279F 22 KB
23 KB 112ms
92ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 432251
cf-polished: qual=85, origFmt=jpeg, origSize=60344
alt-svc: h3=":443"; ma=86400
content-length: 22974
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Mar 2023 22:26:34 GMT
server: cloudflare
etag: "06609266defcd14ec685b2464aeced2e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oV40cCsD%2F1kc7ROpIRqFDnsfAUXi4wOQ9j2hObhras3v0cbXJCi8Baq%2Bx4SJY21NcW0cP8pjLuDCAvJFoCMQgwZYUJ5SFacysAttHaVGvTVPaJVSeXrhoDKJQQHJQfrGmJPHxqJjvXhBkRl7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2632ff2364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 279F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CI7B35HQt4EDFZ-R_Qcd7cgCIg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023091923332588983589163X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202309...

49 B
1 KB

169ms
54ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023091923332588983589163X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023091923332588983589163X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 21:33:25 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023091923332588983589163X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023091923332588983589163X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
date: Tue, 19 Sep 2023 21:33:25 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 279F 10 KB
10 KB 69ms
49ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 784951
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiT38zQ6qm4AzyGBq0yBUhZCxVvJxZF3A2EIV%2FGIYdYbJHRZEcTYYEkbkPRHY95kk5E%2BtdUu1FbOc1kPf6uehUtRhjcXT3SrMnoWhg47p%2B%2FaZe4Z30X%2BGYyhaVllRrMVugwmAKGJbhgHK0hO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2632ff0364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H2 200 60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
assets.ad4m.at/ Frame 279F 62 KB
62 KB 68ms
50ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C15579&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2Cbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2C3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3&c=300&d=250&e=&g=4658bd69ca303d73d2299f2e79cd6f2e%2F7936394491961583521&i=29981%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204165&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hamsqpzc10b5hch8h90me23t0npkkyp7kwanarkbkq4m6wkasymj0wty6s7xhe12wksbt2nggxkfbjpn0p77dat8ac8svr25y7dp5vrfx2at71cdvr0wbff6pp4wt5sm9fh82qm19s7thjynkxcawmd8gky2v5mckecpjpdav5fdqthdptqe57vxj8b4mje09tdrdmx2a7cmajfey9z12gzgk01dq5dbmtynfd2dda6ce6j6fctp2gr1knxyyxkvkj24gfk2b9ry3hn29drqqm8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DClQUmoxMKZejbBcy9gAff7Li4DJDhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAvxC_Kni7LE-4AIAqAMByAMCqgS1Ak_QeWu5L-EBq0UnNs5MeV_HrjCx65pJk7Mz0XpQgo9N53KJcKqVfWeVomdzDu8l9k-1MEMFfn_GVX19G5h5JTC9qj4e7ZmFNGOBaKJM9yUeL03dcV7qVrzcGGV_DdK1UrcUFDKSkaJgnFbasOJ5MJ0IuxyvzKeASpegRbF_xJsqWsWNkt4V2P7XN-Sm9QbI3PnAwKUqthgWw04gyC1W-PobwhrAtL7X1RaZcHCqae4mgSkKi2CMAuWsceXMW_EWDa0MlI-XxRwEX8lnxKgamceAq0WLtaQz2Q3ZyDSRzk5yxa8BIgrNu662OxexSJ25M7vsDxL0HCCjV4H_OHO3WlqSBLkr6nyMhx8tJLd-21TwzjRRYO_vFhy2QXlrabpujEi26zWccnmGKnr-kz91KkmUmNgLNuAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3gTmDX4p-uhR3rpVQTp1QNS5YpUQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3f315f9c2ca9ab147e1c1ab30c5791e09115bc12b4e06cf821796ab12d33db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1924039
cf-polished: qual=85, origFmt=jpeg, origSize=147073
alt-svc: h3=":443"; ma=86400
content-length: 63400
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Apr 2023 15:04:55 GMT
server: cloudflare
etag: "e44a44957fe69adf713d422ccd04196f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsRELk0Mu%2B9GTR32UR%2BFpgDDI1K0ISNNBSCjmxSd%2FmrKFN%2BI%2FuvAAAd1a77q37ign8e7MHyk8m5l05SjkrECeRGduBLz30Zt9XaoJqcYawAEES0ttaQj6KcaU0cY1tBOMtZKQ7Gr6Xt8%2Beld"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2632feb364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H/1.1 200
OK 2aed39855b5f46b7d90f959867be60f8
pv.medialead.de/trck/epv/ Frame 279F 0
466 B 453ms
310ms Image
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Tue, 19 Sep 2023 21:33:24 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: 50FF076C:A1FA_91EFC182:01BB_650A13A4_15A9F4C0:B82B
X-IPLB-Instance: 40028
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 999E 115 KB
14 KB 53ms
52ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1694166205
age: 992611
cf-polished: origSize=118430
x-guploader-uploadid: ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 08 Sep 2023 09:43:56 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
x-goog-generation: 1694166236174866
content-type: text/css
x-goog-hash: crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIKFFHE82WenDEKZjAFtKMwKN6ozAA6bZDakGsj94AVop5qggbxQ9xEHK0zFITv8zOPsuBAmdk0rNRDOfSnNleBeIFbT6GIOWIib9pegBdCluuHaRAsB%2BFCF5GDP5sDKy010QryCBkI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 118430
cf-ray: 8094f26318ba37f5-FRA
expires: Tue, 19 Sep 2023 22:33:24 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 999E 44 KB
44 KB 98ms
89ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167096
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvAnLb46NE5nPk%2BcxgKsLf5ZMf470Ka7eGR5wMWrkFig1uX%2B7Fj3UhgYtDwccuesXJUFqxyF9%2BiWBuTMaeo3XVaj9scxCFs%2FoAxGGB%2FNq37uGo34PR701NHDqdUgUkXrscbVjO9rFkV7KzwX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2632ff5364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame 999E 699 KB
701 KB 94ms
91ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2089719
cf-polished: origFmt=png, origSize=1123807
alt-svc: h3=":443"; ma=86400
content-length: 716228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 14:19:55 GMT
server: cloudflare
etag: "5f84457cb2289c51e589af098eed3611"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmCmTNvVjuyrk4YyCtuvKARboNeZJ9XjMFw0LFaC3bTL1Lv6ZjAG8Tgo9FJ374aEg7JKHI9jZy1nLfnhVDJaw3OS0AYUwytyI23gw2MyvhM%2F0fVx2AY5gHecA8XEKXWmS4vjSmJQSyw3DL25"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2632ff7364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 999E
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1695159204_29b41e11-5734-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=

0
494 B

166ms
52ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1695159204_29b41e11-5734-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 8094f2652829929f-FRA
content-length: 0
expires: -1

Redirect headers

Date: Tue, 19 Sep 2023 21:33:24 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1695159204_29b41e11-5734-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 999E 32 KB
33 KB 95ms
92ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1047955
cf-polished: origFmt=png, origSize=60352
alt-svc: h3=":443"; ma=86400
content-length: 32982
cf-bgj: imgq:85,h2pri
last-modified: Fri, 28 Jul 2023 11:40:29 GMT
server: cloudflare
etag: "0c5d451d92738dcd96474c734dc5b7c8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=076fcg7OUCjeVjmujJpl8QEKPlEkksNdO0quWeNXIa4fXyxs8lG8qwI63mX2GUeRbkS8x1jIo2sIXElKeb8iMq2N5n4gUiBhCScXOp%2FRbXZ4yDgvozlMcTB%2Bhgp8OJ08bKBcTjPAUULaGBjM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2632ff8364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 999E 91 KB
91 KB 94ms
91ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2512172
cf-polished: origSize=105738, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 92686
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMjI6jBdOD1nbEbho2TpX7xpuFjGUarnY2%2F%2Bl5CDU4PPmo9aqlfOQ0D7eNCTX7hUH64AmLOWxsbJ6t94R49TrDu%2BjsE0V15qrV6FFkt5TvHzUmxzagnKZUFiF36OlF4J%2BaAUGLmHHvsD10uR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2632ff9364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H2 200 807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
assets.ad4m.at/logo/ Frame 999E 6 KB
6 KB 97ms
94ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/807FC0314300FD3D7EA2A3865EB887A86EFDAC77BDFCACB7C49E7904A10BC6EE8F804F370DD32A67945E13F906FCB6989AB80F264BEC5568EF9AABD964B68990
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2280003
cf-polished: origFmt=png, origSize=11357
alt-svc: h3=":443"; ma=86400
content-length: 5848
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Jun 2023 08:41:46 GMT
server: cloudflare
etag: "ccfbd2e3feb27487a1f6d1f6b03866aa"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkGyhz6z6sHVYpspI%2B77j3obcg3r65%2FkSB2sO6j7bzOmAd%2B5PE7WYLVMBoFC3mXmHYAW7Sv7PBQkdGgQlC9jQ4cKSAguARecNATYDPJ0VWKkujDSa8EEm9GKMR9XrhHzU4uc4%2BjNXmGuCCqA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2636851364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H2 200 2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
assets.ad4m.at/ Frame 999E 183 KB
184 KB 133ms
131ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2D65771C4E99642761C25D51AEBBCFD65B43B5413EF19697CC1FB2CD4144CA8006EDEBD7BBE3473EC0E77D5B95CFC345D27520E24E58F21FCA62F0BF53BC962B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279259
cf-polished: origFmt=png, origSize=289744
alt-svc: h3=":443"; ma=86400
content-length: 187558
cf-bgj: imgq:85,h2pri
last-modified: Fri, 23 Jun 2023 11:11:49 GMT
server: cloudflare
etag: "17decb4f4cab809ec8159433a7f13627"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qfnUPeLYpptiwPuGqckH9CeZ9aTvQu9mEaoBtakvhpyrDx3V3LN7EyLddBKLu7HE073tMwPcupAxjDoiKg9IkJoM%2F2wTnGzdpaS7kn3l2IfoHQTS5pphOcZjRwMhUnV1KNJJDV4sOflw0EV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8094f2636853364d-FRA
expires: Wed, 20 Sep 2023 21:33:24 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AD50 17 KB
6 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 21:33:24 GMT

GET
H2 429 link.html
track.webgains.com/ Frame 999E 0
0 183ms
60ms Script
text/html 13.43.142.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jtnjtcgndb821k3rvag193b4fvg86fg0ptdc8xganccqjbr81gyc7rw0551hx41k0xt6j06acj624m4zkjq9td2b8ymrb89m7v9seawze64td07kbgm2kjda3r3dh22bb1yzxarnfzg390qsqmb8zkfakmdz2t8vcmtvgh3gtndh3htgmxa91k83esv1rnz1dnabny9m0fshqjk9yt6tkq5zw13hdgsb0q90xfgm8ez4hazw0n15scexhrbd2j73trb8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.43.142.172 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-43-142-172.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 429 link.html
track.webgains.com/ Frame 999E 0
0 173ms
60ms Script
text/html 13.43.142.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gqzf99f8r5pbn0p9jab2d37v3sn33hb8bh9sscmxm4p0pac3b3v91he9n83754annea9jsg9wtpex335m4vffvbzea0m0q5aydd8jgx1sh8kjzbek7fgsss0fbb3x9j9g3aen86kwj3hxnhkm6payaqgwhca1vgva3ftnpxp1ea3bj5sgxbcdn06p1tr21q8ee5n5ackz0v8d79g85esw22xabhkwaa92g7q0p95g3hxs2pntr3dkmg1zrbcaek2q6pg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197862%2C175059&b=3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2CkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Ye&f=WPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3k&c=120&d=600&e=&g=92771391067931a9aa325ff2a34a5352%2F12837300214234493813&i=21596%2C71725%2C65915&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1695159204169&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.43.142.172 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-43-142-172.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EFE8 13 KB
5 KB 44ms
42ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 17:32:10 GMT
expires: Wed, 18 Sep 2024 17:32:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F912 829 B
559 B 57ms
56ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fde6d2272be12b091ca3a3e1cdef971d584c1f88f06ec3e9e65e99c96518ea9e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-65Q2vutm4e1kSAwni45j3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-65Q2vutm4e1kSAwni45j3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:24 GMT
expires: Tue, 19 Sep 2023 21:33:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame EFE8 37 KB
14 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 12:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 12:37:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6DF3 0
0 82ms
82ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309140101&jk=278733757820323&bg=!-Pul-7TNAAbP3fMH7907ADQBe5WfOEqsatpSgjF1v549Ci06s1Hl1IQeEPysXL0C-TUoFN_rX2MC-3qK4-A2NO4c0muoAgAAAUVSAAAADWgBBwoAga_gGFQndnLbK23gSCA5fZW9KjNdDmcm7C0nVnBJ3uGyUnX09nJ31nkigydf6M253Zk-zJRhKu8n1qxc8FfIkvhHI6BMBqkYKPgAG-65Jy66KzoQse6NJxKRqg-UAqzRPaB5gd6nrcY6cj7l4d8WNs-4yhCF-skhtrao_ljqS0qHJZkC__PSRUGQaM9RGIXt2Fis7HO08E97WfvMXq6Qz4GznyeO5kQIR79hulSR-_CvCHit1Jrsf8bW-SRm3jUoWrJh2v22VCO_QRHChQx5QMVRV6BbmFFlyiYfYpPNV7WrcHMITrVcXEy_5ExzIKFQVAqWD2iCwgeJ8sWBrtOWRHcK1Y4kOqJe54r3dW2Y-4kR9lOJi1YB_e2dmnu3Z6WIJwS67bhYrxeweOw0uUfJE_3jWUP7C4o-_okZtzZs1FJReNp7QPpNimFUd_9Cnk3mF7WgF6MDb76gvNRo6rv_6c-ntt0_vLzOMqWqLHQ5wzzMOQO3STu3dRxeR607eiCJA9i6xzAn-gez4rYootf7_lICrY7V7CtgleLu0yH3fgJpt1TiGML_j8jOVzUcITX8ZLE8PAmllEdiUd7AoDVyCIUH-MEMuuzDdzUKe255B23BeY-xaLmoLXOFk9vx2W-qk0LWFgzXhgbnNju5Hg-ct8Zp9IxnZ7ghRSZvXgqbX2ec3gy-5Ty3HEQOPL_YzduxphG66Hit1ksOVX0syi27fCtYARSsPT0xO5zA9oCyXDp0i4xvjgrrE_4yoFB7qNNFT4ffBB4fqQnprRI4-gl1yxm724bfn8mKBdkEcNKHYls-nDbH3gxvtWZjI8YTwauLhkU2dPX7VRAGK_sSmGFjZNp93oMhHwvkvSHDTXCG-mRwy5FPYZHrSlEa_S-akVwyXeLVBM3tKlD9uuEOEjlJe0TUz_urHS1eHh7_PNpdtnS-uz_aFj8ivIZsrgQYTWII2VOFqPWqv9Km8qkyOxeqyBdvrRI48UmDo_Mg_1L07dVX-h6tJNH1i8kKtahW0BGzZdXmW5o4it0TV02y1VDe-ViBjAr4ityTy8ihAxUsg8VDe26riQlkBN2u0VDmd52p64zl4cCYWtfDMNtnNSYyVVUkBW2SApsTqiQgFFImT5Am45Xa8-j3sFnMXpkBOMoDsm7wgNFjF0sYFYz2v7uLrcLTb6fN7tUgU-VffrM_FS_V06B-
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F912 0
0 78ms
78ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230918&jk=4384785029985644&rc=
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E5E1 0
0 81ms
80ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309140101&jk=3145686858935280&bg=!xcalxonNAAbP3fMH7907ADQBe5WfOKS0OAONoOrWmkHTH2rHntZAy9MZiCSdQzwMXJnDBNmO9iNN_FGDNgDfeaTYVAixAgAAAZ9SAAAACGgBB5kC-DuM9RuGOKToE3J24QEHV_AwjkiKNyzsact5tgfO52u27jfsvCnLkTAeOARr4iRyhozmUWZtDkXsTcx-KesXtkvqr1VwoS0zBfsWRfipPcL1w1nF0L0iEfYe3QA2tPFh_gV697-KBF3ynbSv_bSSuERQFNTqr2wbvu3Ige-_nEXQvYxZvoMZqOdlZiRpu8zdXajlHcqdQX3WqP8SPMt4FozcDtiaqBOSR1CfgNgRflA277a6KCH8PECSazrLG7dku1fEvui8vLvS-DFuZ-qCH5UCjRKdSXiTj_oy510CTzZZjG9NXytRI457XC7ClSyWY0Hos602mXtAsNCZAp4vMYy55Xmz7vCmaj826_L-2QYsTj1DTQS881iUq9UAQvAYjtkICDz3fYQ36MQ-EBv6RH6pv7OaiKuJGvJpaNmz4i8g9qJpfVkvbZBrX1JSgeW9xKEUhzHs-mTD8TRi77vkb0MokFVrwr6KwZ6ITAluBhZL7-rBJ-ELm9TAVBLaN_UtJovPvS7Jn0nUC-7O_Pyax8n1RAO91C0DGLUjJK8TROCESxcuR1fVAwyDH3KT9_tQykYb0Mk0nhvH6aU5YV6PUezQaGnI6RkTPONmNC83gRPl91GXw-7CAPwtEB_Onve6SXcTZIOHCXJX2jKp2-VteyMcl7mQUVvXVqvjyO4toqWi7r984ieRsHX8EBDbYAKsS1HkHaT5De44z94de3gooMj84C-qRavfvCLmbZWEYWUOydkumCWzZnPWxxPaqe7AdBU1RS_heknYmQ9BXlgngxuRsoSC9y_57Wv87HqftACuv-7jt0tX7iYGs6G1EnP1-YMo6fMrB7yg83J7AtH0GdBz2GNBERpDQ0RTO_M8UjjlHIzL_cu64GGfl-vs4I0OacGfOD5K6QZZtRY_aVi36kGYP1Ygc4WCnuh1mxIIUFvyM1fohdCjMozJMXwmhaB2qFYnCiS0nfD4KLl7GPZ09O_Idpw-sEnDMxAh1rZ3XbXiXiRNE865rJk
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 619A 0
0 80ms
80ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309180101&jk=3892060698215008&bg=!eHulezTNAAbP3fMH7907ADQBe5WfOFizDhB3IXJ3zBgmzHmLukRj__xBoNholvPcuyQQAQxb3HWUfPd1nFij14nZzMeeAgAAATZSAAAACmgBB5kDBFnmIZ2PgVzbvAw0SpfVBhUhruuYIhIhJtPLDCa49Am1NwNLATawYm1acXidXjlsVwjOLkE7tTYen3UL_Hx22DPP1jdUmtfj4Nxqlt_vxceCbO9idVpsVThlu-fK14VE8n4dJy-2YC4QLy9QKqO3bc34Nv7rNtrYQ-5m61OED28iXoAOAMkkbm1H0cmF1vomGNInjioYIoMsXYTE7nURaXt9KVjq1hMOOD0ntK8yd7jw1AhF8KUWjw5qWnFPUdulp7Tf2rO0rTwkCksXS2HqhKKmvxd0pa-iLn7f0PM9KX2xXN1VyQGYSbYGrQ3H4OyWc1h8bNj5krqdSS4JgPOMM2tR95pyGtn9q9Pl_LrgIDtlabZh0c5FbtkP1XmJ_twFqAomC26-25q4Fs08hiqTR87U8FnkF4oVEU-O0BfxNo7zF2c_A_Elvl8A6n_zZegwQsLsoZ7CatUW4ydKyuAO4Z9oyX5wd3j9-UDMf3hyizFYRo0HjUSdXI0IPKvBZZ-1uqhX-QE8uAvRK5Ajw49qVRHPqpMOe_TJNqhaxS6avHkKDNg5JJRDXsiwiWOaCq_kKWvVHHbZ6muV5y5mKcstYVeYgyRWgYSArwMfWbCSPEt1I9h-SIE7liydNW9gGDiHYDl75_uRLiTyhuoOqKs2gnwm1JXTMFDnKwzR6bl58CSfMfbIGtigwy8krO6CA0avtpZsiYqNi3eo3BAOEsmW63SAEdL8ho5w7eRr37ptwSpwZd2TR-K6xPx0byq07S9uVZ4AC2xJm0RwZqH5Mr1d4syk1ZRZBsShWEP8gJo35rQxJ2_-zkow9ogHm0B8FNVTJpJjp_PfsgBuBS1MQWYz0K5MCGU9CuM4gbyTNRy0LFpYwnsAgiHwIEmQKoYGZAwOwuI94Xvq4DxBCOYuhTVKLw6MEuTCIUQCDl7SxE4VGgczGrm8HqJx7UpAY3Flt3TKSua4hiyIy2ro2w-JUGdCa6xEju25pPd30OKhbZ4v9PLZuIp6Fw12dXXOwtbo-VtnwZsyY0M
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EFE8 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lu5k7A
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC79 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssweowii37boTIzKuDt50chjptsM95DCGjWxrbJOtidE3Juvvta8iTsWqW6K96JV-UnPyGLnSDqBdj1d9UCaxR0e_DZ_YoNeY4CBGvG9VYrG0oUN3jEgfkcULLq9SjALeTMsCD_5JpVHmOugBmfNCeyf0V25CwV-biPdeD2iWr21RFUGGbCAvGcd5OANpvAz-GfAamRfRJdp4kHs-dLUR5CFg5eNv6WW1BVIZXdJ_KaCbtb3gGG9dDAV_nCAwyezSZ_CTPKdtvKkAlyaFV8ijskKHjOUB9bUj8n_M3OFrTS8HoOlCG4p_-yFn7c20PFUFlBQj3RzZxE8HxxnYT6Y1FI3k89mMJBT-ZcMxOb_l2i2jE&sai=AMfl-YTTCThpxENbmFgvpEU9gLG0pF1o0-mcZPbxtCkT7XtouNnr8cjn0KGAETVi5qS3alJy6E-QlA3qqc1yCY8&sig=Cg0ArKJSzLIsbULaAg1XEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Sep 2023 21:33:24 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AC79 16 KB
12 KB 108ms
107ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230918&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b77fc0221eda19f95ea91fa488add620d78fc68ffd19353a4780c7f9c26b812a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12094
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AC79 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 21:33:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D26 13 KB
5 KB 51ms
46ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14474
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 17:32:10 GMT
expires: Wed, 18 Sep 2024 17:32:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 247A 829 B
558 B 55ms
52ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5d84e8643f3e1401443aa5fb165c4634bb413a8b3959414bb88b88addee9dc16

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h6PCtLsR8LVf5WZtgOg95g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-h6PCtLsR8LVf5WZtgOg95g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Sep 2023 21:33:24 GMT
expires: Tue, 19 Sep 2023 21:33:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 247A 0
0 76ms
75ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230918&jk=3278015393583231&rc=
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 200 D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D26 37 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 12:37:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14739
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Sep 2024 12:37:50 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3D26 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eDTmzQ
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 21:33:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AD50 0
0 76ms
76ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230918&jk=4384785029985644&bg=!nJ-ln9DNAAbP3fMH7907ADQBe5WfOLKXszrNmSqBt6YmzPF_OrZMY72duSkGjj2ULn_OY8Gs4X4GqgziDrhXA9x5qyHjAgAAAFxSAAAACGgBB5kDRSDRobicK0IawndrpvTg2TG5HEGxVRUZBlgCVTJQUcs3TKvXXrhan7dZDkUqbH9uRSB-GWfkPc1sW_F21U_Ci-oTDbHnlzZv_WatJbEQGUpFARB0G9t7MlIyI3ThPgtxNsB_OTCrNyutj-yfZ8q6ZKPza4AN04Ecv6wNCVMfPWhFAAE6GCn0kUJZ5uuUK7lChSicbexjhCVm06HC44Xx4Bv3KvrGtbixAe1wuUK_gHSHkLw96QQP0GH6l-xXzWNidzN9idwwweqRe3n1QaoViIt9ngK3QqAd395882dUoIYRQn7jZ2Vtd5yMNbuIDxNbQEUhXf7qyb5uIxWMVVPs-F_8BCmISXzerbEBa1DEm7xy8LBwe34Ftdn-wkcH0caMtAKrCxSA95-5O8gXp_-UPqyhKjnSLT43BDzWHNzBkWNESaGN4Wk7wH9xejUb6nvnqP85GM-vjrc_9fhMU2l0TZzjb2HCaz3ZgNWCkZrgpGtKtKHjvbz_YJ_U3aG9sKnZmGjBdr9KZ-felkCYm2NSH_XzYNhi2GL-DRlUIVtQXn1-4EuQnalU8InSVuUnhWQSJtQaEgTfIZV0ygAmK2tttBgAUeQPHqaccqjSHLy7156lh2rusM7tHcg6uCVIz8bqDikVex1BZeQqKVXihF8EHMzyhUAxqjUd3jZd_eDbSluumXgoVoPCh80lVyNjbBsmKsKR2TYoHK4CmRMAP4EWaqxXa-Z9XV-CTVKzEV0-jfyxfQFibsBUYte-QWBKhqvmDu0cKSEDXbgBzqr05ZGKtL7LNfuzN8JxaMaC74xXqarOKw5lsqdGjqE3oQwWXELA92qU2kTRNuw5qZXbA83MYrXSlWuEoiBpXD5BZ1mvWZbAlpbjU-RQmzAEIHGfyHPlGQPGUFCDZn45w9E2vX2RXS8jNul2INtU14msBLagF0OCuanoYd1hRX72XyuACCFSpQG1ynZfs18cAwR7N-iUrvIYltxcA3vaNE07c5V5RPqbrTRz-pe4qpIffGxvBR8ZTCEyIuT-YhMfGOd58VMqklnPUNUAHMf7_aPCtq7D_SIc61YiA_Ap2Q0xGlWV2sImX38YXjGtzNNYPmsRVDyktX9GQVmfiA
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AC79 0
0 77ms
76ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230918&jk=3278015393583231&bg=!BAelB0jNAAbP3fMH7907ADQBe5WfOAHfkLRajtVXtK5vpGT7jCli6d9j9w-p4guLdSsT6NFb9DtNeF3ln0s2UG2aN-w_AgAAAHNSAAAAFWgBB5kDD1ZRjMIgxxsUNGMtpcCqo1G-jZ47pm_NcOtof03kW7e6HreHytY0Px7yQST08kp7pzdu21JEsXiddOyXptcNTtLBs8yvIb8uJlbOQXImX_4_pkpwe-BMD5UqfZ5PXez1frvVKo2uqzrE-oFeRcAC0n-_JrImfutOTcmCikorW8U9awNdmpuJmRmd2OGONNhtFkgAUDt8oHme0f8CrdqJmlW432UQ2Ms3BQ-10QjCGttlkXjphDs0LRYhv7SJELZktTp2k_D12NO6A3VJ2ovqDmkwfNcMYZcpxMcBqxmHc6yjTQS90vqvZsU8GXbvKtD22cVckLiE7Y_T_8ETtgSf34KxA8T7R3yXUe0FdbyHlQZXEv02p2-lAkKkbi4a1EBzMlOhP77TJ3dgqjDpxU3CSmZjT_eSYASWCmmBmSyQ57l67D9cjt_zWuv3rjEdp9TEJmqgbbYtMBeVCjuXlwBWZaAD44yLE-n7k-2utp333PbhkGOIldqyto9cpQeoqAlKrD4ez-Bfp0pO9I6qhF9Kk-J1uRm7neB8TDAHkC5jP4jjjINg8OMOMngf9khEnDPtL9QEn4DbRGIeEAA5nn4gVQ1XW1xXZMd-vQRryWepmDA7iP15QAfQ_1_fQRSDxDSkIW6NaYlRc4NNOYz9c8pmuOhUHAB5dOiCUlNMB-x-UWYnd-CohfOVHtSrAotGcGDNaKv4NJIyw1CQQqFeOZlfJkr8-5lSsoxMtBorEcOp71AK8OEVbndidun_ZuCcUwSM0Y2IzEL095Wx5f8cGXzq3-DrEDHgpB4Gj4ITQ9e8kWQpNK9Fm3Goh2VYCvyQx5k2kXeECt740ioE5EzFAqlYh5dc8UG2NuIJzDYm9h9vbNumGd6suaEW2HxFs1nMO9HOV5JEOyIkH1p_IFhDD8pWGwCIDR3UHyj-ksNqtRvCFqsOF896sMoTlK7yYmqu6LJcFVP6NDjd_i2kJUOj7LlRmEIp_D4AHFs30HHxRVsUkwvFHpZ-dhC6SVHQSt6yy8K7faj1XJRweB2OdggO461y-w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statcounter.com/	1970-01-21 00:28:39	Name: is_unique Value: sc12916097.1695159197.0
.statcounter.com/	1970-01-21 00:28:39	Name: is_visitor_unique Value: 1695159197782972787
.xgcartoon.com/	1970-01-20 23:38:15	Name: _ga Value: amp-_bombsFQEQFAVTzKYFcvRA
.doubleclick.net/	1970-01-21 00:14:15	Name: IDE Value: AHWqTUkqHq3rwAAgoJRYFUKY9ySgdaMj10CGrf-GfGHy96-YuU3MfBwN52zbCnZzEtQ
.googleadservices.com/	1970-01-20 17:02:15	Name: ar_debug Value: 1
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1695159201%2C%22utid%22%3A%22029f7b7fc15d954e85afa2aa64085638%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.pubmatic.com/	1970-01-20 14:54:05	Name: KTPCACOOKIE Value: YES
.ctnsnet.com/	1970-01-20 23:38:15	Name: gid_CAESEG3f_SlQc-ISN5KchSbkfiI Value: 1
.csync.loopme.me/	1970-01-20 17:03:41	Name: viewer_token Value: cc858898-0cc0-4044-800e-e62f2a836e98
.adfarm1.adition.com/	1970-01-20 17:02:15	Name: UserID1 Value: 7280653338412513430
.pubmatic.com/	1970-01-20 23:38:15	Name: KADUSERCOOKIE Value: 3B1A10DE-CB13-457A-B69D-63F1DA4B2E7A
.ctnsnet.com/	1970-01-20 23:38:15	Name: cid Value: d7a0e413e7584056af4734587add1354
.w55c.net/	1970-01-21 00:22:53	Name: wfivefivec Value: rPYcYGzi1QIIlt5
.adform.net/	1970-01-20 15:35:51	Name: C Value: 1
.quantserve.com/	1970-01-20 17:02:15	Name: d Value: EE8BCQH-KYEA
.quantserve.com/	1970-01-21 00:22:53	Name: mc Value: 650a13a3-d4405-d1b1a-d9808
.simpli.fi/	1970-01-20 23:39:41	Name: suid Value: 69ABA07BFEA041508961D73AF1047730
.adform.net/	1970-01-20 16:19:03	Name: uid Value: 8195017428527611588
.yahoo.com/	1970-01-20 23:38:36	Name: A3 Value: d=AQABBKQTCmUCECGJaLLiqGuqe6tp78Sq3oYFEgEBAQFlC2UTZQAAAAAA_eMAAA&S=AQAAAvZtA1MNVJ18ci3eYQ2mwlM
.casalemedia.com/	1970-01-20 23:38:15	Name: CMID Value: ZQoTpHMSLsPyb5hkf5sFpwAA
.casalemedia.com/	1970-01-20 17:02:15	Name: CMPS Value: 3303
.casalemedia.com/	1970-01-20 17:02:15	Name: CMPRO Value: 3303
.awin1.com/	1970-01-20 14:55:32	Name: awpv20044 Value: 412871\|1695159204\|29b57da0-5734-11ee-898e-223287d3f473
.awin1.com/	1970-01-20 14:56:58	Name: awpv11354 Value: 412871\|1695159204\|29b41e11-5734-11ee-898e-223287d3f473
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
.doubleclick.net/	1970-01-20 19:11:51	Name: APC Value: AfxxVi6zj1fDLFH-6vXxFAcFH11Yvwm6stBF96UlPqdmxvwkn7GOcQ
www.conrad.de/	1970-01-20 14:56:58	Name: HTLP_timestamp Value: 1695159204679
www.conrad.de/	1970-01-20 14:56:58	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 14:52:41	Name: __cf_bm Value: S3AA7rRhvj87VLiAtsqYPBSm0Dz_CvdvhZYlSR_4XP0-1695159204-0-AVsM1P3+XIjJiI4wt79wUW4MCQMO4eTLWMNEGq8dgxZSpRDbfmrQlcwDvCWlN5o65JmN1Q2xr/YIWe9EA0PJbOY=
.o2online.de/	1970-01-20 15:02:44	Name: nscT485 Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjk1MTU5MjA1dmxlYTFkZTIwMjMwOTE5MjMzMzI1ODg5ODM1ODkxNjNYMTE3NzAzVjEyMjYxMzI3MDJNU21tX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/	1970-01-20 15:02:44	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 15:02:44	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023091923332588983589163X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjIwMDAwMDAwMDYxNjk1MTU5MjA1dmxlYTFkZTIwMjMwOTE5MjMzMzI1ODg5ODM1ODkxNjNYMTE3NzAzVjEyMjYxMzI3MDJNU

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3756941&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gqzf99f8r5pbn0p9jab2d37v3sn33hb8bh9sscmxm4p0pac3b3v91he9n83754annea9jsg9wtpex335m4vffvbzea0m0q5aydd8jgx1sh8kjzbek7fgsss0fbb3x9j9g3aen86kwj3hxnhkm6payaqgwhca1vgva3ftnpxp1ea3bj5sgxbcdn06p1tr21q8ee5n5ackz0v8d79g85esw22xabhkwaa92g7q0p95g3hxs2pntr3dkmg1zrbcaek2q6pg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidzGDuRfYfqe1wCpHBHMtJCPV4BtVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidkkDa5f3fdjzGh4HwHetBtXYGdsZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jtnjtcgndb821k3rvag193b4fvg86fg0ptdc8xganccqjbr81gyc7rw0551hx41k0xt6j06acj624m4zkjq9td2b8ymrb89m7v9seawze64td07kbgm2kjda3r3dh22bb1yzxarnfzg390qsqmb8zkfakmdz2t8vcmtvgh3gtndh3htgmxa91k83esv1rnz1dnabny9m0fshqjk9yt6tkq5zw13hdgsb0q90xfgm8ez4hazw0n15scexhrbd2j73trb8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hjpk72tvd1016c37ac44309vtp6j9pnb74cafbdf36jytqgjz6zz9cxhfa67b0ryfvay71d6y0beh6n6wp3eyprtkj3wvgy8nhrvm94xjdqt6wftx78gys8d3pb1b10f84gt08s6z2ynhv3zesz8d4dvgsc5vpz4y5fanxe2hzkq4d92m6re1xyhmzzck4h96za2hd7yhmp4k82em75bkxsg2af5rbk4qgfc4f3hwyqgzcabzhz558w66zpb7xc53ay579dv6jksc8zvtmf95jw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCD8N6oxMKZeCQE-Oi2OMPiZCusAKQ4YGEXLaoworwAsCNtwEQASAAYJXCpoKwB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLQPwr2qOuxPqgDAcgDAqoEzQFP0Pwqc3bGeJBTeE58gb091-L4lM09MZi8UHtsbtanzuM-JlwHQgneLuF4Y0glS6-VPij5Zav66PL2SyreldPxK40ufV4vo9fMeZSx8PYIe87XaWODPdg6Tye4VdQYkPmg0gfuJD9L8ryFhqRj_W47sTJIyAXKHGmF1Cx7mwWE1MC9smgTmDSwIFl_4OUnP5cao-MvTyxwG-fCDCrkFoCneVOE9Rh93dof5SVg6SGQPqgrdwcnLLyiQQnQm5YXRB7XkFqXvctJlMNpARD0gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2AkqO9FcVbaAXJSj0y1GrkzyxtGw%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER Message: Failed to load resource: the server responded with a status of 429 ()
javascript	warning	URL: https://www.xgcartoon.com/detail/guoguochengzhangriji4kguoyu-wangzhaobing Message: The resource https://e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

497323b4dc8e0be5cc7b8e74d050e538.safeframe.googlesyndication.com
81ff71d4f10caf323bdfbc00bbde7983.safeframe.googlesyndication.com
ad.doubleclick.net
ad4m.at
ads.w55c.net
as.ad4m.at
assets.ad4m.at
bf0db743febac9aa2dae0a8f7552790a.safeframe.googlesyndication.com
c.statcounter.com
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
csync.loopme.me
cti.w55c.net
dsp.adfarm1.adition.com
e800a9103851491c825c4e6a005c5dbb.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
i.w55c.net
image6.pubmatic.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-a.xgcartoon.com
static-de.ad4mat.net
t.hspvst.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.xgcartoon.com
x.bidswitch.net
104.18.27.193
104.20.219.77
13.43.142.172
142.250.185.98
145.239.193.130
154.58.197.185
167.233.13.224
169.150.222.217
172.217.23.102
18.197.176.130
198.47.127.19
2001:4860:4802:32::36
216.58.206.34
23.56.205.163
2600:1901:0:76b9::
2600:9000:211e:8600:1b:5138:8a40:93a1
2600:9000:2251:8200:3:4706:a6c0:93a1
2600:9000:2491:f400:1b:f040:3600:93a1
2606:4700:10::6816:2f93
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6810:c0cb
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:800::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:812::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2004
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd
3.33.220.150
35.157.117.145
35.186.193.173
35.186.253.211
35.204.158.49
35.214.187.157
37.157.6.233
51.89.9.254
84.200.5.215
85.114.159.93
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
07df410a176c32b013d26ce0b4db400e46aebd9b2018752192543475a2a3e277
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
0fd71256053f3bb91eca8b987eff43c3bbba168fb2c09ba8fcee04f7d5431a83
11be2e3900ce3217df5fc10ba44e69a0200baffb343fc242ebd923e0cfb8d2df
15075ae3b79fc0c8e783744266ebd423b2d9c08f6517ae837b6db78bbab74994
1539eb2245e86f37b969d1c9aafb1ff0472a41f04c05419f04f8c31de088c9e5
154dc086233f311722b1aadd4dc4e9d4a7a912ab2a679141b9cd59df50a04f92
15d0b16ddf2081e93f76e34160de1a1fb86c59646b6121e2bad441860420f03f
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
2754d47be946d2394bce4008332826d0491b510a2a624ae6609d042b143732d1
2a04f4f0b028721b0253262000436b7ba7ec607ce03c9b1643b647fca48af4f8
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30e1e2c12586170ea07b265c5ee4d7e1677d2a3ea8cb82517919991cf0359213
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e8df25e1cae2d82c9d61e7020d99e9d0afe919a0d9139d505c46d34b43f476
3609e2bfaf2b1695c7082465faf8400897aacbbb0a3bc10bb14d0adfe09a9fc2
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4095ef60dc2a51dadc1d2f407052a07ba2358e86c5b748a784328e2e6376722c
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
4159352737d936fb6a37ebbb9c792554d8f1ead757bdc43bc59ec354c3de9440
4306bf64175691d6c1a4183484f10588493cdd1ea3230f5bdc76c4426d6fcd10
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
4525acb8a165c9a85324df303093eb859b331e05785f0b6d917134eea59159e7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47033d2ead9c33914d4f69347560b72578a35178fcd0edc1b11b1fac372bb233
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
520fd704b94c711b19d5c44660660a755d191c4400fd493bde84da71344e30e1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
593dcf703b3dd6a15b5130c1c82bc85076d4fa5aadccad68e62ef4a44a8f87ab
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d84e8643f3e1401443aa5fb165c4634bb413a8b3959414bb88b88addee9dc16
5db3be4cd1e8fbbbdd9c9b101dc2c70794fd2684d60db42d2cedd8e61d2dc636
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620ffdaa666bbf15e58038ef061ba78acbf5729c714fa3e991c025089009c23c
64f88a75df6eeef2e778f967a36f861c2005c64fb8b567a17a8f98878e351255
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6913fc807ae2a9adc032eba5049753e0ad2cecc858f1e23e32cdc0c00fb6e92e
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d82fb2f5bcec9f5fdf6cb0002d1eca7b46122e1920e0acc73dfa3a383be04aa
6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06
6fcdba554ac3bf63bca7163b61cb6ecdb33888daac00393a0603320788762d5f
7e07060d456ef3bd806091f35cc369f1dc239ca4fa2e1c43a1cc1107a1e5ea05
7e8daf2a992c1665964e5e6a11a6ab31b376102dff62058576ca996b6793d3d2
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8c5275956fa1bf68a0418dddb092a5881af6b6be10f6dca54dfacda6ba41992a
8d524ce5d2397ffe8ef2f9771a41cc80b3e9ba474fe88ffa38382901da891af7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
9236c342bce6028e8b1b5ca7f7a359175dd77779095b57617b5566e30d58b979
94d24d38cbc44ff8e2821d5172b11409ce6c6c0485fd3a3c2ea56c679a6aaa61
96debb48b959e7206300a08ea3c9d7d159367b988c234f65c84129b660e47ba1
987949d39bdd7f9f9ea5b3912c856531bb93a2bfa06bb52daea8287078086aaf
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a2c94a2249fc39e6b610f4dcad6dcd8e0ddab399007f146abdd21f6b25022de
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d3f315f9c2ca9ab147e1c1ab30c5791e09115bc12b4e06cf821796ab12d33db
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a164e0223db575926d77e703cb06a636acd3fc75ccd163b916aee331e1b82d10
a21796fbb56623050e3fc640b86422620318554846fdbc3aebd046cf05c6baf0
a3f8b45c06abfc7f1d1e424a087d1f5d5d9b80a7bc0104d68e4f0737f30a5ff8
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a5417cb51e6a752000bcdba03fdeaa32b2f24d0c7b98ad07e89031c51017ed74
a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff
a8aedce5ce280bf3c1e99fa9b36cb226e62cd39cf77c1f0c5660a6cab7bdece3
a8eaa961ae8ab1f71eb4c9804664f4d62cd51e123e71f9a91b870a09f95acc41
aac14e5e84bdd11591e1c0f01324bb1ca5991e26524438e299eb2d28cea422e6
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad6d935aff08e961d9ca2f7ab8200530622c16a5f117cb45715095999cdbf27d
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b1bafaed2f9b66419f30f8eff520f615bb78e643805bce94712e8df3ed5514b2
b518dfddbe5e4efd902999777989736f263dc72fbba8e7c7a6f0b13769c2f7c2
b77fc0221eda19f95ea91fa488add620d78fc68ffd19353a4780c7f9c26b812a
b7d6a5d91b552c6e2bea5a3cc86e97e1384de7b29c7ed4c3473da6be0e919d4a
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
bfda8b8e1ad756bc3a910d0c4dd6a9f0438090edeafb0b247935949d34a008bc
c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
cc5a7b6c79ac84d96302a6de2c67b34f6bce248199721c44edb4d69ea0d91a4e
cd89e3f99017ac265e91962d66dc94a4f46861cef60101397676727d3f697143
d24822b2b52ecc6c409876ef17e44560c2519fd4b4fd953ad40588c2d50bf828
d27b5a578595629fe5a964ad42fabd168a400d8b892b60f939fac8139cb5f759
d4b74d0620cd8a435315afa905e809f8075e2d5fb6b8d24081083cc315721c75
d9f08e0e42d6f997f85664e63335c38150a82d4aed7ba2cecd17ad1e2c70061b
dbb4712db1f4a180095df35bd472e3f012e57cc18c61b588e3dbd699ee01fa14
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
dfc6cfc4606af0660bf69fc1b6a6721d1f14f0ef2e3027e7e704515d7d88a620
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841
e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
ed0cd648035cda53f1d4016e18afdcea868ca6760a14e1c3ea646c8c6882e168
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5243918c5de6b1d345562e0aeb648cb096a12f12903be9d70af67e1a53a7b68
f757339b082b621a2f55bbac92a8d6c93cbd30d688db58bd86d16ba4fb7e26db
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
fde6d2272be12b091ca3a3e1cdef971d584c1f88f06ec3e9e65e99c96518ea9e
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

215 Requests

93 %HTTPS

50 %IPv6

36 Domains

51 Subdomains

37 IPs

10 Countries

4220 kBTransfer

9049 kBSize

33 Cookies

1 Outgoing links

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

93 %
HTTPS

50 %
IPv6

36
Domains

51
Subdomains

37
IPs

10
Countries

4220 kB
Transfer

9049 kB
Size

33
Cookies

215 HTTP transactions
14 data transactions