www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Submission: On December 22 via api (December 22nd 2023, 11:01:33 am UTC) from US — Scanned from DE

Summary HTTP 261 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 10 countries across 37 domains to perform 261 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.95.138 104.20.95.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::ac43:47bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
48	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	18.197.41.124 18.197.41.124	16509 (AMAZON-02) (AMAZON-02)
5 5	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
5 26	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	217.182.178.228 217.182.178.228	() ()
5	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	52.58.114.78 52.58.114.78	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 7	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2	54.229.5.240 54.229.5.240	16509 (AMAZON-02) (AMAZON-02)
3 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	2.19.104.4 2.19.104.4	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700:20:... 2606:4700:20::681a:61b	() ()
2 2	213.155.156.165 213.155.156.165	() ()
1	2600:9000:25e... 2600:9000:25e8:3400:1b:5138:8a40:93a1	() ()
3 3	46.228.174.117 46.228.174.117	() ()
2 2	104.18.36.155 104.18.36.155	() ()
10	2606:4700:20:... 2606:4700:20::681a:ad1	() ()
2	91.121.248.44 91.121.248.44	() ()
1 3	104.102.45.165 104.102.45.165	() ()
1	2606:4700::68... 2606:4700::6813:afbe	() ()
3	3.9.151.155 3.9.151.155	() ()
261	31

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:47bf (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.41.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-41-124.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.28 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.217.23.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.182.178.228 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.114.78 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-114-78.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.89.9.252 (London, United Kingdom) 4 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.5.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-5-240.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.104.4 (Düsseldorf, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-4.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:61b (None, )

ASN- ()

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25e8:3400:1b:5138:8a40:93a1 (None, )

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (None, ) 3 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 2 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:ad1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.248.44 (None, )

ASN- ()

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.102.45.165 (None, ) 1 redirects

ASN- ()

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:afbe (None, )

ASN- ()

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.9.151.155 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	googlesyndication.com 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	1 MB
58	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at	484 KB
52	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	159 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	251 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	643 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com	503 KB
8	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563 static-de.ad4mat.net	2 KB
7	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 714	2 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
5	adform.net 5 redirects c1.adform.net — Cisco Umbrella Rank: 560	3 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	898 B
3	webgains.com track.webgains.com	2 KB
3	awin1.com 1 redirects www.awin1.com	2 KB
3	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 478	3 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 818	3 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	436 B
2	medialead.de pv.medialead.de	653 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	1 KB
2	1rx.io 2 redirects sync.1rx.io	2 KB
2	de17a.com 2 redirects d5p.de17a.com	647 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 780	1 KB
2	360yield.com match.360yield.com — Cisco Umbrella Rank: 1765	397 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	725 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	207 B
1	conrad.de www.conrad.de	495 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	573 B
1	smaato.net s.ad.smaato.net	236 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	550 B
1	smartadserver.com ssbsync.smartadserver.com	45 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 695	236 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 10182	468 B
0	webgains.team Failed cdn.track.production.webgains.team Failed
0	webgains.io Failed analytics.webgains.io Failed
0	congstar.de Failed banner.congstar.de Failed
261	37

	Domain	Requested by
36	pagead2.googlesyndication.com	204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
36	tpc.googlesyndication.com	204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
26	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
20	ad4m.at	as.ad4m.at ad4m.at
20	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
18	assets.ad4m.at	as.ad4m.at
15	securepubads.g.doubleclick.net	cdn.ampproject.org 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com www.googletagservices.com
12	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	www.googletagservices.com	204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	onetag-sys.com	4 redirects googleads.g.doubleclick.net
6	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
6	204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com	cdn.ampproject.org
5	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
5	c1.adform.net	5 redirects
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
3	track.webgains.com	as.ad4m.at
3	www.awin1.com	1 redirects as.ad4m.at
3	static-de.ad4mat.net	as.ad4m.at
3	secure.adnxs.com	3 redirects
3	pm.w55c.net	3 redirects
3	x.bidswitch.net	googleads.g.doubleclick.net
2	pv.medialead.de	as.ad4m.at
2	ssum-sec.casalemedia.com	2 redirects
2	sync.1rx.io	2 redirects
2	d5p.de17a.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	um.simpli.fi	2 redirects
2	match.360yield.com	googleads.g.doubleclick.net
2	dis.criteo.com	googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	www.conrad.de	as.ad4m.at
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
0	cdn.track.production.webgains.team Failed	as.ad4m.at
0	analytics.webgains.io Failed	track.webgains.com
0	banner.congstar.de Failed	as.ad4m.at
261	45

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh

This page contains 44 frames:

Primary Page: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Frame ID: E4B06E41042EACCAF1119C466ECD15B4
Requests: 38 HTTP requests in this frame

Frame: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: C1D696CA5DE356154BD07AFF2D9C1286
Requests: 11 HTTP requests in this frame

Frame: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: A043D66DAE5F9342F0376E93565061C2
Requests: 10 HTTP requests in this frame

Frame: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 313888EBE3E6CE87C2A684DE2AE516EE
Requests: 11 HTTP requests in this frame

Frame: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: F791BA66E2AE3EA2CA0B0F7A5C7F5991
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 0FA02900134A0CC8FCD5007E22855B77
Requests: 1 HTTP requests in this frame

Frame: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: E8EF8CFB7017363ED33CE442C197DA7C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Frame ID: 36F10B03482580AF239DDAE96DB6970A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Frame ID: 55180CBFB794FA88AEB32BAE7576C811
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Frame ID: 079FD3E0A2E8C678CB73B078D7C00820
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Frame ID: 13BF7753894A929D929E396A9B566548
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Frame ID: 7DBE5D9A369010116B0D5C07B01FB8B0
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 4527D64471C992EFA96E4414FD474B75
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 66E36A1D8AEDEEDDC885F0FF446E6D56
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js
Frame ID: 25B9C17F256ADB145F5C2493BD606D39
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: C7184F04AA7F0C047B918877486726BA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C52ED6A21C1CA36E9E58F913F1F48236
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: C500AA85BC89FF2A3AF5A0295C846EB2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 92EDA351C4FA58411E503DEBB4879186
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js
Frame ID: 42875EEE2BDF7AA9DC68CB2856F23C4D
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 50F682E20E81B76E31BA252A2DEA9608
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: A75CA10C5E5F13FEC7A5C4F979ABF713
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 330A82FCC56DBB3D8780FF5A15D51F79
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: BF7D7A87A331876EBB713D4F4A63FECF
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: C4283CE73B069478F106474B33AE44CC
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4AE4920B0EC6C76C5141D0501885205B
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: A4C6204FA4B6AB96286A926C4A11C11C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 655569762EAF32F1263AE5DE60E5C640
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 8561C605EADD27AA25F7686099D94E8E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B5694B80AC9B99EDAF005F7F9BAEDB10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5DD32EC51F4614D8B15B445962ABB3E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6085B02FF7D9BD866C8CA4FD99A15AA2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8C25C11732666DC9B46B230B532EF0EA
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: AA4CCC12CD80AA3778F13CCFB83D5869
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 93BA80156082BF10F55DAF6F224DFCB9
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 57938D9F428E7DDE70EF690584A26CAC
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 6EB7E7A55A2CFE5B9F04D14926AEAAA9
Requests: 13 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: B5557B24FEDBCC1554B865C54C9BFC78
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 257C0B4E275F9AAE828FAAE726090B56
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C6B8E7B73951D4E9E4FAAF8B5C3927E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F787696072FBB5359B6D7813E92E7D9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9686F345B335239868CC2FAB07FEA04
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 47A9D680DC3D98510472863EE93CD68F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CCB0520730017F5B9365D5E030DF8B12
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍸光之美少女第12季（Go！PRINCESS光之美少女！）【日語】免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

261
Requests

90 %
HTTPS

41 %
IPv6

37
Domains

45
Subdomains

31
IPs

10
Countries

3334 kB
Transfer

9062 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJdUmYejUZBLoXTZM3kYuRo4w HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJdUmYejUZBLoXTZM3kYuRo4w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJdUmYejUZBLoXTZM3kYuRo4w

Request Chain 109

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsMXDLRDLnc-tzSfLTaTqW8rnjwBKilhmUQLaDFVQJb0ryv5HTHMfrtxBA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsMXDLRDLnc-tzSfLTaTqW8rnjwBKilhmUQLaDFVQJb0ryv5HTHMfrtxBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsMXDLRDLnc-tzSfLTaTqW8rnjwBKilhmUQLaDFVQJb0ryv5HTHMfrtxBA

Request Chain 111

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWgmVNrYZU0101rWAFVokUL HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWgmVNrYZU0101rWAFVokUL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MjA5OTc4NTIyMzAzMTkyMQ&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWgmVNrYZU0101rWAFVokUL

Request Chain 112

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzHsVwq4tVmIsIEh7MRgQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzHsVwq4tVmIsIEh7MRgQ

Request Chain 114

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmQVIWzthtTkxA8c8HBcNjr-hZn41gAUeVkDWPNs7uaV2XGDK4B1oLvCyKdIWJDmGnFbhAxk05AJoEMNzinrMssyl6_m-4i3XuY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQVIWzthtTkxA8c8HBcNjr-hZn41gAUeVkDWPNs7uaV2XGDK4B1oLvCyKdIWJDmGnFbhAxk05AJoEMNzinrMssyl6_m-4i3XuY HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 115

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTypQ_V59lwwIreKHX_71FepCwHQHYVm5WWbFiOLfBpEh6XC0bw67JdodB6qcsPDlHmNSoSSM HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHy36zJnR_DAkjxjrYqmApg%26google_cver%3D1%26google_push%3DAXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTypQ_V59lwwIreKHX_71FepCwHQHYVm5WWbFiOLfBpEh6XC0bw67JdodB6qcsPDlHmNSoSSM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTypQ_V59lwwIreKHX_71FepCwHQHYVm5WWbFiOLfBpEh6XC0bw67JdodB6qcsPDlHmNSoSSM

Request Chain 127

https://um.simpli.fi/gp_match?google_gid=CAESEKmSpIvl-YexYsFoLlkhQE0&google_cver=1&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z34S5HKXRmacZc5g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z34S5HKXRmacZc5g

Request Chain 129

https://ads.travelaudience.com/google_pixel?google_gid=CAESEF3whesNpTaY2nAdBWPVuq0&google_cver=1&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3n43O3sMjQZzJYA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eUdPJzhESZUasSGxOfHOtQ&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3n43O3sMjQZzJYA

Request Chain 130

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHGPse3mVBIJjZz8IhpC3To&google_cver=1&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW3O9rWDGPE-yfzekBlcSCtS4uzhA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCNkstTi1KSTZD&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW3O9rWDGPE-yfzekBlcSCtS4uzhA

Request Chain 132

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmTj9pg-JJZ8kXaVdpdCf5KgZ9cUH5CkUbkyluDhYHgeyTH7ZjnhmD1yTl69fUQ5X6hP5oVVgeT3_bMNU-P9JtG8dp-iJO67BA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTj9pg-JJZ8kXaVdpdCf5KgZ9cUH5CkUbkyluDhYHgeyTH7ZjnhmD1yTl69fUQ5X6hP5oVVgeT3_bMNU-P9JtG8dp-iJO67BA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 133

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECemMGPmCgcqx9igCXHewZM&google_cver=1&google_push=AXcoOmTG1z9fmphCuxvEr7JBETxo6h9NOclQpwae6jEcQyyUuKNY9_z32pJH7ivjGNq0JAgINybP3xQdFVsvR_bYWg1iL7az6ALQHIY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTG1z9fmphCuxvEr7JBETxo6h9NOclQpwae6jEcQyyUuKNY9_z32pJH7ivjGNq0JAgINybP3xQdFVsvR_bYWg1iL7az6ALQHIY HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 161

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmQBhgBTYefk3KopEw5FkhHmsYzBPftBBAVVw-wCZLmrPoEJgnHQBtXYFS5hRTNULK-pdAZaV_-QFzzUft0cKIKAX4VtlxCH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmQBhgBTYefk3KopEw5FkhHmsYzBPftBBAVVw-wCZLmrPoEJgnHQBtXYFS5hRTNULK-pdAZaV_-QFzzUft0cKIKAX4VtlxCH

Request Chain 162

https://d5p.de17a.com/cookies/google?google_gid=CAESEL1LUNv8Asv3W_BguzJpGjg&google_cver=1&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEL1LUNv8Asv3W_BguzJpGjg&google_cver=1&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx

Request Chain 163

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blKXQSRBje3IClYsGqip7yVCn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blKXQSRBje3IClYsGqip7yVCn

Request Chain 165

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECmWUtjcDRrWtRnouhs5HeQ&google_cver=1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1703242893219 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1e27c462-4877-430c-a868-93eb3e6f316e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI%26google_hm%3DAx4nxGJId0MMqGiT6z5vMW4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&google_hm=Ax4nxGJId0MMqGiT6z5vMW4

Request Chain 166

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECemMGPmCgcqx9igCXHewZM&google_cver=1&google_push=AXcoOmTOoJkt-JlUa27kBpikmwLt7awp87fsgh28HTE48eKTHJjib9sK6H0im81v_jNRyNQrZ3fc-tMUV24bf67TisnDMN3S-l0Xbg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTOoJkt-JlUa27kBpikmwLt7awp87fsgh28HTE48eKTHJjib9sK6H0im81v_jNRyNQrZ3fc-tMUV24bf67TisnDMN3S-l0Xbg HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 170

https://um.simpli.fi/gp_match?google_gid=CAESEKmSpIvl-YexYsFoLlkhQE0&google_cver=1&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJCyfqaKMTcSVig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJCyfqaKMTcSVig

Request Chain 172

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHGPse3mVBIJjZz8IhpC3To&google_cver=1&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0bIY2MZkLcsMYEDKXXU5Z8G6Lo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCOE8tMTMtSzA3Sw==&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0bIY2MZkLcsMYEDKXXU5Z8G6Lo

Request Chain 173

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_cver=1&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI-egYKK6pW86dv5_JjD7DsbRLhpw7MH3k5bjnlAWs-Rkt3UB3J42Qm2IeU0-6Y2B HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI-egYKK6pW86dv5_JjD7DsbRLhpw7MH3k5bjnlAWs-Rkt3UB3J42Qm2IeU0-6Y2B&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_hm=ZYVsjfZiGd6ghCryqwmsHwAAFKoAAAAB&google_nid=index&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI-egYKK6pW86dv5_JjD7DsbRLhpw7MH3k5bjnlAWs-Rkt3UB3J42Qm2IeU0-6Y2B

Request Chain 174

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmSi1kVz64WPryjs4GSKl6XvzzY5ra6xkoMAOEhwcNrfXIh7ERk4fjWXE6arZT74PZ3CdZkKcLmesiq5n91dEnwGNLwxkOoyrg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSi1kVz64WPryjs4GSKl6XvzzY5ra6xkoMAOEhwcNrfXIh7ERk4fjWXE6arZT74PZ3CdZkKcLmesiq5n91dEnwGNLwxkOoyrg HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 175

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6ek979Hy4QP_C6qfOgndxCYVQAsARbjlIQfY9WjxDudttW_LW2GH-DiZMSfDeEtg2lfOxysNUCMbVv7e1qfXzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6ek979Hy4QP_C6qfOgndxCYVQAsARbjlIQfY9WjxDudttW_LW2GH-DiZMSfDeEtg2lfOxysNUCMbVv7e1qfXzw

Request Chain 242

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJDqi53yooMDFc-T_QcddFUF7w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703242893_77f2d161-a0b9-11ee-a9f2-22382f104756

Request Chain 256

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1703242893_77e20880-a0b9-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=

261 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan Show response
www.xgcartoon.com/detail/ 97 KB
20 KB 1119ms
552ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6131dc1f5f4917d39d60cc5a0acdf6cc86983144801036d6a6dfde7e265a1b00

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 22 Dec 2023 11:01:27 GMT
etag: "185c0-2Hx2wRUQtLI9BfquBbcMEeI0Sgs"
expires: Fri, 22 Dec 2023 11:02:27 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 215ms
91ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73141
x-xss-protection: 0
server: sffe
etag: "20620290c9309704"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 11:01:27 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 172ms
49ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23125
x-xss-protection: 0
server: sffe
etag: "03885caa855825de"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 11:01:27 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 241ms
130ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9459
x-xss-protection: 0
server: sffe
etag: "8a483731af74fd28"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 11:01:27 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 246ms
136ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14979
x-xss-protection: 0
server: sffe
etag: "5c37322451a9f07d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 11:01:27 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 233ms
123ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15383
x-xss-protection: 0
server: sffe
etag: "10ecb1b2e6eeaabe"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 11:01:27 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 197ms
87ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4740
x-xss-protection: 0
server: sffe
etag: "e23d2a0d990fab56"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 11:01:27 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10344
x-xss-protection: 0
server: sffe
etag: "710c75735c511774"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 11:01:27 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
server: sffe
etag: "f62e83b3b94bc414"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 11:01:27 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
468 B 261ms
169ms Image
image/gif 104.20.95.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 8397ddf09bc67188-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 288ms
288ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:27 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Fri, 22 Dec 2023 11:04:27 GMT

GET
H2 200 guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan.jpg
static-a.xgcartoon.com/cover/ 169 KB
170 KB 154ms
50ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6f3845be49878afb5314dd5297e48423a4e952b0ad7fc367627de0338d49d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Sep 2023 01:35:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 29224
etag: "86FC2EE28560ED1682496CF88EE9E17C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yz4dzq726K6DFek4PDKuYNpK9BW9C6QR6ecPZljRWy50JYo%2B%2FipPiEyPQftyKrMAp%2BP6Pb3DoA4W7gbgNstvPVXy%2FlqgqNy4JETm%2B%2B%2BTug3%2FKksU%2BldR4ReYegopgeTvhvr4Avynfg5ETQYYFyQR%2FkRrEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8397ddf2df369b49-FRA
content-length: 173219
expires: Sun, 24 Dec 2023 12:02:29 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 288ms
288ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Fri, 22 Dec 2023 11:04:28 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 286ms
286ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Fri, 22 Dec 2023 11:04:28 GMT

GET
H2 200 guangzhimeishaonvjuchangbanhejiriyu-dongtangquan.jpg
static-a.xgcartoon.com/cover/ 91 KB
92 KB 193ms
89ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/guangzhimeishaonvjuchangbanhejiriyu-dongtangquan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8013407130f3d1c34679b5d4a3ca7d56ce95e0a656d501bf0920e8bd8732b6a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Sep 2023 00:30:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 43086
etag: "940062558EBFE44CF53ED01AE9AC1FEA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jC%2B6E2BA8rsI3khNd6My4IY3DlSh80OWQvtFAPrVn6OSMVk7cizQTgIGojGoXiQtmR4BVlW%2FJ%2BPlNb9D1C%2FhP79kFZbgO0nHQR0NtB8B%2BENxp%2BpGQ%2FPmbKu7nuCjaKMsyOchvXUAAYcnGC%2BKk3jKdSpc0U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8397ddf2df3b9b49-FRA
content-length: 93564
expires: Sat, 23 Dec 2023 05:39:09 GMT

GET
H2 200 youxiwang_di5ji_arc-vyouxiwanghuguang-wuriyu-gaoqiaohexi.jpg
static-a.xgcartoon.com/cover/ 25 KB
26 KB 152ms
48ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/youxiwang_di5ji_arc-vyouxiwanghuguang-wuriyu-gaoqiaohexi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b8fd957271a7089ccbf728bf63e93fd5de3d78b076ad856a91bed46b09d5abf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29226
content-length: 25636
cf-bgj: h2pri
last-modified: Tue, 03 Jan 2023 09:34:10 GMT
server: cloudflare
etag: "9D5579EF044E32A5D2AD4C4FAE6EEBDD"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMDXz4Oq1E67A5o0CShHildgSTxNtN5f%2BZFpok48bb6sGICjxnJj5RavRgrddxM5X4pXXl61hwNcQ3DIVo8ZRIukHU7YmlrV2BA941l%2FpWe%2BKJX5%2FDFZqCE7PObkzXcj5YtOqnE%2BskOrDrSXiNOVlQHQMDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8397ddf2df379b49-FRA
expires: Sat, 23 Dec 2023 14:05:50 GMT

GET
H2 200 guangzhimeishaonv_shishangtianxinkirakiraguangzhimeishaonv_a_la_modekirakirapretty_cure_a_la_moderiyu-tianzhongren.jpg
static-a.xgcartoon.com/cover/ 95 KB
96 KB 193ms
89ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/guangzhimeishaonv_shishangtianxinkirakiraguangzhimeishaonv_a_la_modekirakirapretty_cure_a_la_moderiyu-tianzhongren.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f9669f86fe28fac80e3a754575893953ce4880b37490c44fb603257ccfd95b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 00:54:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 29225
etag: "44B8FC9869B28AC50168C1C25FE7400B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKkNYjWLv%2BHAwwW6btQz45Tj9OAYE1UDO%2BrKDMPqJq9mYJcr5pEuOMAxLIP3BFYEdB5h1wrjAaHjbD5kaFsBjB72gejqBUDC8SaHgI76KeD%2BeArqQeFvxrmoSmL21vinEJTCvV7AHOwZcJYyN5YPM7SHB6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8397ddf2df399b49-FRA
content-length: 97771
expires: Sat, 23 Dec 2023 07:30:27 GMT

GET
H2 200 xitongbiwozuohuanghou_dongtaimanhua-liuyuexuegongzuoshi.jpg
static-a.xgcartoon.com/cover/ 83 KB
83 KB 193ms
89ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xitongbiwozuohuanghou_dongtaimanhua-liuyuexuegongzuoshi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac79466527bbddc1f62ebc9439506bf48c8c6f19cfbb8e2bb71541c45e0e032d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 12:57:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 29225
etag: "E81F01E9640F73669094983EFA490030"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shZ6Nal%2BikGWeCHibvNxsVN6oOPBnCqf%2BveGGkMZeyM8qp%2BTXSdKsr6eXBNufyvhiSH8byDpA2JUXUiqtHrEH7SposJe%2B%2BYy4S0i6wNcBRvPQht5oeSDiRn6hmbZ2xT9%2BIkzb3%2Fq6BY8arPWS8kElnDBCsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8397ddf2df3c9b49-FRA
content-length: 84563
expires: Fri, 22 Dec 2023 08:48:36 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 8 KB
3 KB 120ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:01 GMT
age: 236727
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "a9f93cfafa19b094"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:01 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 237 KB
62 KB 105ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:24 GMT
age: 236704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63654
x-xss-protection: 0
server: sffe
etag: "7d5e78ba8c7d5e5d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:24 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 12 KB
4 KB 118ms
58ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Dec 2023 06:27:05 GMT
age: 362063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3942
x-xss-protection: 0
server: sffe
etag: "4694a1430564add5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 17 Dec 2024 06:27:05 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 655ms
547ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=7005904&ga_cid=amp-XbxgKKOQKxwjR7osDQVOig&ga_hid=5904&dt=1703242888208&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=542&dtd=9&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d3334cb8e61a3c61e708b657e644941f8f70d86f10d9b8d9f2a8308b39b6701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13696
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CKzozpryooMDFT8sVQgdjCkD-Q
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027455233
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 869ms
762ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=7005904&ga_cid=amp-XbxgKKOQKxwjR7osDQVOig&ga_hid=5904&dt=1703242888208&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=542&dtd=10&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acec4320ad0885b9cbfe0e0c48f053349f07b44ca764cacf2b5940bbdd0b90c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 120x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13680
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: COuFz5ryooMDFRP_EQgdT40LXg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351399062
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 11:01:29 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 771ms
664ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=7005904&ga_cid=amp-XbxgKKOQKxwjR7osDQVOig&ga_hid=5904&dt=1703242888208&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=542&dtd=10&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c016b97948d1832765d77dccc9eec9db6da68e15bd39e904ba2ad86c7d11c20c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
x-creativesize: 300x100
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13706
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CLnRzpryooMDFYwyVQgdysgFcA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138353942502
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 499ms
392ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=7005904&ga_cid=amp-XbxgKKOQKxwjR7osDQVOig&ga_hid=5904&dt=1703242888208&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=542&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f1ea0482ac03225cda20a2b6ac7672db9066ca26dd0ac9c2e2be6e27ed2544c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x50
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13709
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CIPLzpryooMDFSUwVQgdRZEItA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138353942361
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 318ms
212ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=1033&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=7005904&ga_cid=amp-XbxgKKOQKxwjR7osDQVOig&ga_hid=5904&dt=1703242888208&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=542&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3374f10dfed2ff562a68ac020cd5f30365b4d23d56dcf688698bd16b9121eaf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 468x60
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13691
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CO_XzpryooMDFXgAVQgdBzYKYg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138353942298
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/ 2 KB
886 B 40ms
39ms Fetch
application/json 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 21 Dec 2023 16:06:47 GMT
age: 68081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "e666ca0e175b1b23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 20 Dec 2024 16:06:47 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 288ms
288ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
AMP-Same-Origin: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Fri, 22 Dec 2023 11:04:28 GMT

GET
H2 200 container.html
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 202ms
75ms Other
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 133ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=5904&cid=amp-XbxgKKOQKxwjR7osDQVOig&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&dr=&dt=%F0%9F%8D%B8%E5%85%89%E4%B9%8B%E7%BE%8E%E5%B0%91%E5%A5%B3%20%E7%AC%AC12%E5%AD%A3%EF%BC%88Go%EF%BC%81PRINCESS%E5%85%89%E4%B9%8B%E7%BE%8E%E5%B0%91%E5%A5%B3%EF%BC%81%EF%BC%89%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1703242889&sct=1&seg=1&_et=0&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C1D6 6 KB
3 KB 77ms
77ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:28 GMT
expires: Sat, 21 Dec 2024 11:01:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A043 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:28 GMT
expires: Sat, 21 Dec 2024 11:01:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C1D6 24 KB
7 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Dec 2024 10:17:44 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame C1D6 25 KB
10 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 4475361942733572661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1D6 203 KB
64 KB 219ms
127ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A043 24 KB
6 KB 124ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Dec 2024 10:17:44 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame A043 25 KB
10 KB 152ms
152ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 7950335512591570027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A043 203 KB
65 KB 142ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 container.html Show response
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3138 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:28 GMT
expires: Sat, 21 Dec 2024 11:01:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C1D6 0
438 B 81ms
80ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkfS9m6RtY48_CPot_qXR4AiDto_bf_zCdNmr3p0DAx-VwToYIUfg2XVmS71kKbdx6NNo8Zw8euH3HX_AFMhzMFbgk-SSn8_CQTNsuxg9q2KrZnsas02eNFk9TeNfEm1BvCiWGjFoZWzSNEZovZE8VdJPstF-uUHvuk0vDEtj7S4qe4Ba2gphaq7EcVw1_SB_ObvDUBgn_reFTNmZHRadO-kQ12miyb04GC77rAtvquKwEhCAPOvl5F3VYRlmWLwNZY3U_JjDX6kruo7m_a_bGRnOUZOiM3qETX3MKivkiBOGSvwqgTrVhfdkSEKiiI7UmABYXjlPO1b67hbJER3jwg6r2RIANfVXW6H0q5uWphvzThbZHU2nR9rKFxpOgf_3X7mD8FIZi5oMkoTQVUw&sai=AMfl-YS5ioulVk0isRUELJPnHZX3glNfSsAGFE3BR2Q2aCDmfV8Lj_K3MqwXYUhmoQwfIo8mWwFD99k8npjj2R8&sig=Cg0ArKJSzMbGhHXEZoftEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C1D6 145 KB
50 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25032c8c8a338369d566c3325a7395222ce48fa86a4f78ddc0b75c739b175927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51247
x-xss-protection: 0
server: cafe
etag: 7098985119399978114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame A043 0
292 B 76ms
76ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF0LtW66vQ5KGQINiCQCO7uy_Ogc0YPAgG306xhoykCQGrscMXzhLjXF1R9q8MtAYwm3GPjnejl1vJ4sy14t5TySnjuqMlY4TFydvJdbJANuecrl22Do0Rrj8k8K6806cIiOY-bi77IzmjX2qldeUrtRfsPdcT5MxNNHf9llqcrWFPpkJbs4j1_Xo6qrbNOJRkkVPGVsA009jDkEg2SeLkYYpRkMWProLSr_7b8Tp-hAFQDSmnhhZIeNeSl7Po2edUPWE6rgUM70eyJb45Et8wPpWIs8cMWR2X8cYXODC2aRU5wdodzQ9WGBksQXIFwnp7_O4i6PoEy8aMuU7Hz6k9CLMxbiWwYAXUWqtV63kWA78DxhniHBTmyXEQ4ZrpoIxavmazTKoP9_5aoERs&sai=AMfl-YT6Ttqq8rK4CpxgMqNH9BGxpN3tbFrACkUEqBCGG4DxjkNJSF_TLHtmXPS_bQhsDlqXoVCu3aKVDfWbGHk&sig=Cg0ArKJSzEDuPMFm2b3nEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3138 24 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Dec 2024 10:17:44 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3138 25 KB
10 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 7950335512591570027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3138 203 KB
64 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A043 145 KB
50 KB 142ms
142ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf7e7f92b22ca9527fe6cfea0ca1578a6422262631baed0f863136a8d18a12d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51250
x-xss-protection: 0
server: cafe
etag: 7996861451762423474
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:29 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3138 0
314 B 96ms
95ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutujnnkmTkIL7q-EM5IPzARD63GPLrh3UcGSzU1z_DWoZec55ug6iztHW9dYeWQ_LZt5tRIz892HgU4a_mFVWBWhezVJe7BQ1atCJ5IF4HVnhkBAPLMKbLg-aa44zY8oMQ_wHAm3NsYHvcKK4HX-U9aXkXkobAV_e3qjv3dMN_duig2vOzaPAKoTQ4QBmpMaXk2zcq7qC4h0doEYvMIvj-ivKhxDhN_bxKV338aowQcQ3ShIMV8JzAs2MC0TlQCmK2qbxJ3KmGJ0t8OW-vkCCDzbX5lWfpBUGPxPvBiStYyX2lSeWG10ZLYib_rHY8A6QpBKajgJ4eewNfspOCLXMf2HlkfjYiHOaTt01PJgQnzK9buNUGun9idVbOJ2mC8JT1SO3xXkHjGIQ5QzTZQA&sai=AMfl-YTxwCnwdzYkq8dCCu5CKGSlGfN67jUZ5Iz3CXSw2kJ9VkNKZfYR05WIHX7wtXbAt1jY1GKZwfH6eiWV2I4&sig=Cg0ArKJSzOuoG0hYK5wkEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 11:01:29 GMT

GET
H3 200 container.html Show response
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F791 6 KB
3 KB 42ms
40ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:28 GMT
expires: Sat, 21 Dec 2024 11:01:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3138 145 KB
50 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f5ae660a918eba08ad016ea2851d5f712d6f0d8bbddd7c64191e39796c65efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51247
x-xss-protection: 0
server: cafe
etag: 11810279139941555738
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:29 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F791 24 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 21 Dec 2024 10:17:44 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame F791 25 KB
10 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 8188157995017847591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:29 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F791 203 KB
64 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:29 GMT

GET
DATA 200
OK truncated
/ Frame C1D6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8871a6898febb707d23932c32a71b4b21eabdb61a08888195f7e408001ee9f5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame C1D6 399 KB
135 KB 2880ms
2880ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137955
x-xss-protection: 0
server: cafe
etag: 8860941966186872456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:29 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 0FA0 9 KB
4 KB 2857ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 04:26:39 GMT
etag: 17470903016016266172
expires: Fri, 05 Jan 2024 04:26:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3138 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cbb4a1e80cdad6d5c96c1353aff383e743af61e8d5b157e3379694684b66ade

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E8EF 6 KB
3 KB 2776ms
2775ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:28 GMT
expires: Sat, 21 Dec 2024 11:01:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F791 0
26 B 2862ms
2862ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUVVtq3VPDbsIpCdOcKPDo5qUZjFPgAKqqThtRa261AFKGQFyy8wwfbMoctoLIC6BTAbuxfc7gJUsCygBjDZhWqM38MySfDqReobreV1mA53uaj0hZcwDH3_X4ADsaYgY41IppnKHQ1uZhYDKtC2tVig4J5dLZt8w_x35oyUv-Bd34_Zvy-RLPcRiVwRTRMVIlXqms0f012wtlxpWr25FRL1sdQCVmS4v0sNi0bObanO-JDUGVvpmVaxSN8mqG7e5f5NW2ktyX1xDk07wM4N_P3BPHdocIMgEw_y5yliJJBtL3CsG6kY9viTuHpZMWaAaomhGxF6vFtzDdlRSvtcMPF74Yi98IrP2UaGsSziMVhMOrIVkEpEBO7UYkZAG5y0qzUmZ4KIfOUoSmdKnn&sai=AMfl-YRkbaKk44IbD0oJCfdtEemPj-x0uS6MgYcT-mNOR-Lx6wHv2yO6OSHyMCWawMu9pYUmhKCs3aN0nIuDdOI&sig=Cg0ArKJSzB2gNzMnXjktEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F791 145 KB
50 KB 2843ms
2843ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61b795b4b86772a190d146eabb64cfc867f858c9311ddbbecee0a76e4ce2b57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51247
x-xss-protection: 0
server: cafe
etag: 16413138946788925854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:29 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame A043 399 KB
135 KB 2905ms
2905ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

657f06943a34735f0a25f30c9ea05c15e24c0985bbdb771e615182b03e03fa9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137959
x-xss-protection: 0
server: cafe
etag: 4616032106021055364
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:31 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 3138 399 KB
135 KB 170ms
170ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137955
x-xss-protection: 0
server: cafe
etag: 8860941966186872456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame E8EF 25 KB
10 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 7950335512591570027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8EF 203 KB
64 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8EF 0
26 B 95ms
94ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOPQsg10CN1fgUn78FuoGyTAbwY9jTWeMz0cZIJLNQV4SfkSGQCvwcwPl3o8imF5Uhs1sXVKACtiYb1bTfIwHddvwmy40EQdltyo5VnipOx8XhJb2lqhVlaKZnq3Vf40bmn8jUPxyvd4fpJVhDJGwvCm6Kcz0knOuBBwIZx0lKsaVlq5taRIgddTVSm01k--ILFLopNEhMPs3EeiQOoJ095xkfRWg_43iiZ4ZcDOIRSv8QW2jtBTvMHliiqlLPCS0FCP2zu3cAdyWIj5_9qyQmUpuQVwrst2Oc5eSiE79PCCTDW7BYbIJxlNvtrU8i4HC1gt91ielIFxSmO5_mmayJXslXOjPGzWiM3RDDWy13nphDfbcfLOkqlag6Lab5aXDnVzTe7Wny55Hj9YDRig&sai=AMfl-YRy0kVFrqtvJDr849F2ZKuCd05rPuhcVy7y-2-No0EIx22QKJCPp8bdzQJc5mAYkBDAWGmX2hESSRGTUNg&sig=Cg0ArKJSzFFypUlEPcvUEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E8EF 145 KB
50 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58307ba9ff94049bd067f1f1c986f76144e3b77c87ef8776f2b3c8f523f2bf44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51247
x-xss-protection: 0
server: cafe
etag: 13535122144597701529
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame F791 399 KB
135 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48996e74bebf44867bdf2ad3fc3a2fd7a9f7f7b9317e6a652f8e6191cfef90e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137965
x-xss-protection: 0
server: cafe
etag: 3206125949629391187
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 36F1 48 KB
17 KB 296ms
296ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c79ac6cfee8e008a056c553c31aebea9faf21e90d1f8ca4e5fcf7367531aa868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17233
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E8EF 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5458d67488ccf7174d16072d151922758b6f084626a799a242ca5cb28d02526

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5518 39 KB
16 KB 246ms
246ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf13e4e510802d75f0c3f6062d74bfdd1c4e2a0d6e54de7a92e1b0005c23e38b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16278
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame E8EF 399 KB
135 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1db88f073601d3e30002743d54a64924a0719eef98c5462c34215148781b79b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137966
x-xss-protection: 0
server: cafe
etag: 5134237550300926796
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 079F 38 KB
16 KB 331ms
331ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95db46ef48897d5028f019e9089af3e8e0b8aad3fe358fc3d1e19cfce72da8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16122
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 13BF 48 KB
17 KB 262ms
261ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d03f4d2bc051e30a3e7200e115681be89ce1525e56ae6040c0f2ef93e4df328f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17199
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7DBE 39 KB
16 KB 257ms
256ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b44d8b78b9da842ebc8110ce6ab2389ae44f9704c9de7f5e72cf72b9b1a35388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16376
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5518 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3480
x-xss-protection: 0
server: cafe
etag: 1596694241577312856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:51:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5518 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 10:17:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5518 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5518 0
0 134ms
47ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrY5p4Et37-udpAkL6HA3ID9doZdySaJ00y_hwWm9vFb_N6br2x56353bULVaSqrSBnD0dyTUJN4qx8u8EBuj-M1q1Fg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5518 203 KB
64 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 36F1 8 KB
3 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3480
x-xss-protection: 0
server: cafe
etag: 1596694241577312856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:51:46 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4527 2 KB
3 KB 164ms
67ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c6b8f3b05a27a98bb5b8ef987e24599301129f33bfccc8f67a744faac72264f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8397de0eaea99131-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:32 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 66E3 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Fri, 22 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 25B9 8 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3480
x-xss-protection: 0
server: cafe
etag: 1596694241577312856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:51:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 25B9 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 10:17:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 25B9 20 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25B9 203 KB
64 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 66E3 0
104 B 256ms
128ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDNWXNF6YnE-jKEp9D4tA7Y&google_cver=1&google_push=AXcoOmT8o4avp3QQrZlqO3q6SOxINFUQDpSVToNy95OwGOzoMDpcmsuTEjiUxgplQqVaHqkfibdGQNPgz182FY8UUTcMc1R7zMzk5A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 66E3 70 B
149 B 177ms
57ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM1ZEHeCyYX_q6gfgaZadmY&google_cver=1&google_push=AXcoOmQaOjZLjE_dm1fThT-dYcYNWBL_T-GSnw5Zh9CkwWT6UAjaYZ1F1nWBgT_rdYXir6hyc-RA5RqU-xAIN51_t5NmtBUCXe0vuA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 66E3 43 B
145 B 135ms
41ms Image
image/gif 18.197.41.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECYvfkuZ2NzqlKKUplezVjY&google_cver=1&google_push=AXcoOmS2Us36H3p3yEHHhYidmyHYJCkapZvFTTt3_cNgpzasdIXYcB0cl7qyJYDJ-k-SUG3h2sxyBpzsRCSHnuf-4e8ZPT33wOVDuQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.41.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-41-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 66E3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJd...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7x...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVo...

170 B
232 B

53ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJdUmYejUZBLoXTZM3kYuRo4w

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJdUmYejUZBLoXTZM3kYuRo4w
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 66E3 43 B
236 B 136ms
50ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFp6HZkT19Jb-EL1NnD_AgA&google_cver=1&google_push=AXcoOmRJAvSFzQq9__n6y5hM_p0EDuH5pmSoJkp0lOnjts0kWyKdMQUtq5pXF9rVOIIwG9CuQhdEwmOd0-nMaD7j3gWPNchQzeK-
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 66E3 0
45 B 721ms
50ms Image
text/plain 217.182.178.228

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGdB86LPRBbQI9lVAPzZWc8&google_cver=1&google_push=AXcoOmSDifOPrVMq3xTHohUbyjDVVgL_48dqU-EZ7T_ma7UEwgQQXoth5TiD20KJDgfJppTeS0clmbf8Wt0UAwun6fdNKz4_NRP5QA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.228 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-length: 0

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 66E3 43 B
146 B 134ms
41ms Image
image/gif 18.197.41.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJ0uOcH9pILQwopB74d6Asc&google_cver=1&google_push=AXcoOmTXGj_mcOexHMRP-Q0TFqDLme_Lkh2eC1ZWZt6nZrg9pLAd2DZNCtzpoqP0A7sZFTtFhUoIgiTPDfILAUCT-w4q1kxggU9YC_k
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.41.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-41-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 66E3 0
40 B 140ms
47ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-757RlMjKE6Egl-9wPcfVFqv9JrhnzWignpT26SLj4evpm9rFR_dcl9y1KYSvK3PFFfurxw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame C718 2 KB
1 KB 78ms
69ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930e3672504293e5810a58b53c4470f2d4ffcd345a68e608de29e0eaa459897d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8397de0eaeab9131-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:32 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C52E 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Fri, 22 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5518 0
19 B 83ms
83ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd-VpjGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzAFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTeWT1T5q7fnjqjcz4SYOipprCidwmLJpzI98qa1ONzAMTAnVkTfOABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=OoLSB_3unOo&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_u_Wl-5yKLK0n3MatJBt86nOVzmWYYOG2WsU0ye8UEScbFUOlGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5518 0
39 B 153ms
53ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hz9fp66xwtnzy4ncwfp8k0h195gsfx4f5h06jhyeebf24j5n3e4w5rn5wp9r6n9xma0j0y2vqrwdjx6ggd7nexxv7156cnaptwfr8d4syndv3b6vj4d70yjwfqdaspy72knkvfngckjas4za4pqtbxeyy12356qxg8trk9xz0scecca6fxc2sp5fnzt98x8bhf54w7ddt0xfkqjz74xptpt40dbxbqewcym8w1xfr8z2x2n861ee2y60r2qmrhtccq7c428cgsacjen2800t4j5b7pg5068bmg7yqgw80z18y7z410t1qwqwwwpwc4k8hta74kws5y4cxt13nzj85783jj4gas8cg16khq1dc5ffqkthk0e4ep23qm5pqnjwd6pn0v7shwhz9g&b=ZYVsjAADHlkH_ZPEAAb_dqxVDsE6jh-VmYw05g&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 11:01:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 25B9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83e7677e066db996c90646e6a3c9b367f199ca7abd4b98135b412473c6e5a715

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 079F 8 KB
3 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3480
x-xss-protection: 0
server: cafe
etag: 1596694241577312856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:51:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 079F 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 10:17:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 079F 20 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 079F 203 KB
64 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C52E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsM...

170 B
188 B

50ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsMXDLRDLnc-tzSfLTaTqW8rnjwBKilhmUQLaDFVQJb0ryv5HTHMfrtxBA

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 11:01:32 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsMXDLRDLnc-tzSfLTaTqW8rnjwBKilhmUQLaDFVQJb0ryv5HTHMfrtxBA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame C52E 43 B
363 B 148ms
45ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQkqPtWp0GXoXH7vhwKMDPfy96hB_xfxlFkjH4DyVDGf-Q0CXQtPM9qH__reE8SDBLQXlgbTzf9FtNp_N5dW22LPlQHmY1BqA&google_gid=CAESEHMkx1PcI7xWWJkVBJtasQA&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 335438
expires: Fri, 22 Dec 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C52E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWg...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAX...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MjA5OTc4NTIyMzAzMTkyMQ&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8T...

170 B
329 B

51ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MjA5OTc4NTIyMzAzMTkyMQ&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWgmVNrYZU0101rWAFVokUL

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MjA5OTc4NTIyMzAzMTkyMQ&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWgmVNrYZU0101rWAFVokUL
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C52E
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzHsVwq4tVmIsIEh7MRgQ

170 B
232 B

52ms
52ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzHsVwq4tVmIsIEh7MRgQ

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzHsVwq4tVmIsIEh7MRgQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ebda
match.360yield.com/match/ Frame C52E 43 B
199 B 190ms
59ms Image
image/gif 54.229.5.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEF9EG8dk3CYte7udUyIfmDU&google_cver=1&google_push=AXcoOmSzJyB2FYk9_eRU76O53IEp0oe_HA9jRDEq_5v3eaOjf6L6QIvjxBwLlG1T16ReSUpac432QkBZxNnb9t0Z2GGaHZZTZ6o5-Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.229.5.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-5-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 11:01:32 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
onetag-sys.com/match/ Frame C52E
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmQVIWzthtTkxA8c8HBcNjr-hZn41gAUeVkDWPNs7uaV2XGDK4B1oLvCyKdIWJDmGnFbhAxk05AJoEM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQVIWzthtTkxA8c8HBcNjr-hZn41gAUeVkDWPNs7uaV2XGDK4B1oLvCyKdIWJDmGnFbhAxk05AJoEMNzinrMssyl6_m-4i3XuY
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

41ms
41ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C52E
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsM...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHy36zJnR_DAkjxjrYqmApg%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTyp...

170 B
188 B

53ms
53ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTypQ_V59lwwIreKHX_71FepCwHQHYVm5WWbFiOLfBpEh6XC0bw67JdodB6qcsPDlHmNSoSSM

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
an-x-request-uuid: 2043e93a-cb7e-4882-a0af-40572ed07bd3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTypQ_V59lwwIreKHX_71FepCwHQHYVm5WWbFiOLfBpEh6XC0bw67JdodB6qcsPDlHmNSoSSM
x-proxy-origin: 80.255.7.100; 80.255.7.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame C52E 0
139 B 55ms
47ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLwxBRY4sEM16xSJL46TePxmhBzRJNGOb0-2Zo339MdAmCUkLViiZ0Cy1G2nI-hGoGGYBRGHc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame C500 2 KB
1 KB 72ms
71ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32889607a9ca0ff509db1a6f3610a9e2b5e63cae6850fc208bd06c000d733db6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8397de0f0f7f9131-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:32 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 92ED 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Fri, 22 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 079F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b86d265a0bfafc113ce244f87cd497d3a164c87e97b9ff2bb8693217272e959

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 25B9 0
19 B 84ms
84ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5zoGjGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzAFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUprqxcJXzetiKXJ_5J1jy4UcIO9sBccBP24igHlvw2KGXt3HXoX3z-ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=cs6wh8ex6-A&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_lJn2YdbQFnCruTKr56mvkpRhBV0BsFNnNQkzpY7ZuHwft_lqGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 25B9 0
103 B 66ms
50ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kwz9zkw8pjtj22qr1z7y1d53fqp86vzjcz67f9aeqvkw15y93np4zfppkpbsxgtmrxgz3rw583m89p2rrx0sks71wvktwdvexytwd3dhh4n5hdvnwdmv7ep9m2pnntb0pzmk0qngfn1g1009qjx7d7q10rmgb4d859zjve7vtj5dty0te56rgv2akn2rs0jf58nq7amk416ftt0hqcgekznefddnae3jvsvcw1y8ga55j2j7r6c1w43e20h3n6tkf8hq743zek3ywgvj022k6g589ktpxk9rcr57txcb74spj3y56cxn1tp6ybdmbppeytwz12nhfqsnp2fsz8d7wephm5pr7xfssc0yvs1mz6tn50apb3zdrbq2ty8dvg0vt076w4yc68rkf8&b=ZYVsjAAC2h0H_Z6EAAYRtNNAvVNoIj8euXkaBg&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 11:01:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 4527 115 KB
14 KB 54ms
54ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541053
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FqVwx0di8fAvAv90KFO2VkD1gKO9ofGvnDLHPpEqd%2FSkaIqVCl4snP7pG8cw1RYSA%2FIraniGyOODzu9ULH1sT3EJiea7969fAu7%2BsGYp6L4t4DQrzixRqgp%2Fg%2BMmL0I%2FDCfhWTvpYI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8397de0f3fe79131-FRA
expires: Sat, 23 Dec 2023 11:01:32 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4527 24 KB
9 KB 77ms
61ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 179202
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYs0QkxGg3QXP7snE3BKJAPtXwAy3%2F%2BdyHQghL0zbKS1wWVl2hOcaEGamTtyFheBeI4v11v2%2BRfI%2FltWlUF0lcWjOXw%2B10FiZI2642mQaorBC%2Fyu1ZujCbOFadbWC9mpIV2MwVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8397de0f580f9131-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C718 115 KB
13 KB 55ms
54ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541053
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4lL1KACvAg2sJt9xTc22kYwWwQIYAgvJHiiJMaYYFcQrL6tNxr2LZWb99DYk4NYm%2F8G5FnWYrB%2BdXVO5ermdXQmLsN%2BpJM7WlMbChf0pW6kpwmF96hDx75OwjKmg4hGtiX930ooN0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8397de0f3ff09131-FRA
expires: Sat, 23 Dec 2023 11:01:32 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame C718 24 KB
10 KB 69ms
57ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 179202
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDkz7jUyo7nU5Z6I562KrxF4nzTn3OVFO9%2BSmzRjg8qpvB0T4SHhmYdIkGSmA3P21jaby1gyBrvSSqkP5QsQgHsGG7X1EINRaJqPLvSeeYXo4RAu2343sxABFR6pP9AlE7OjkFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8397de0f580c9131-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 13BF 8 KB
3 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3480
x-xss-protection: 0
server: cafe
etag: 1596694241577312856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:51:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92ED
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKmSpIvl-YexYsFoLlkhQE0&google_cver=1&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z34S5HKXRmacZc5g
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z...

170 B
188 B

52ms
52ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z34S5HKXRmacZc5g

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 22 Dec 2023 11:01:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z34S5HKXRmacZc5g
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 21 Dec 2023 11:01:32 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 92ED 70 B
148 B 58ms
57ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM1ZEHeCyYX_q6gfgaZadmY&google_cver=1&google_push=AXcoOmQZtPJhbNJfU2ixxhRsfSIQkD5Kuokgxu7jRpZBbpAuQmNZbjIg1VONdh_4jKfTkUOYmwUEARHgCNYc2yUBaKBOXC7xTOqp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92ED
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEF3whesNpTaY2nAdBWPVuq0&google_cver=1&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eUdPJzhESZUasSGxOfHOtQ&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3n43O3sMjQZzJYA

170 B
188 B

52ms
52ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eUdPJzhESZUasSGxOfHOtQ&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3n43O3sMjQZzJYA

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 22 Dec 2023 11:01:32 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eUdPJzhESZUasSGxOfHOtQ&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3n43O3sMjQZzJYA
x-host: tde-deliveryengine-production-59dc4ccdb-f7dcr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 92ED
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHGPse3mVBIJjZz8IhpC3To&google_cver=1&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCNkstTi1KSTZD&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW3O9rWDGPE-yfzekBlcSCtS4uzhA

170 B
188 B

51ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCNkstTi1KSTZD&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW3O9rWDGPE-yfzekBlcSCtS4uzhA

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCNkstTi1KSTZD&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW3O9rWDGPE-yfzekBlcSCtS4uzhA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
Expires: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 92ED 43 B
198 B 123ms
60ms Image
image/gif 54.229.5.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEF9EG8dk3CYte7udUyIfmDU&google_cver=1&google_push=AXcoOmQQr6E8KegsKf9mJ_NWJYl2P3yhBS3nKjHBFCqyblVgJ8CJY6jF1Blwgs_gqwZhbq9tnqwTsWcipwXKx2NlK2Oe-u_nWrg7
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.229.5.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-5-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 11:01:32 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

/
onetag-sys.com/match/ Frame 92ED
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmTj9pg-JJZ8kXaVdpdCf5KgZ9cUH5CkUbkyluDhYHgeyTH7ZjnhmD1yTl69fUQ5X6hP5oVVgeT3_bM...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTj9pg-JJZ8kXaVdpdCf5KgZ9cUH5CkUbkyluDhYHgeyTH7ZjnhmD1yTl69fUQ5X6hP5oVVgeT3_bMNU-P9JtG8dp-iJO67BA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

40ms
40ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 92ED
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECemMGPmCgcq...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTG1z9fmphCuxvEr7JBETxo6h9NOclQpwae6jEcQyyUuKNY9_z32pJH7ivjGNq0JAgINybP3xQdFVsvR_bYWg1iL7az6ALQHIY
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

67ms
67ms

Image
image/gif

2.19.104.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol: H2
Server: 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-4.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 22 Dec 2023 11:01:32 GMT
pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 92ED 0
40 B 51ms
50ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2UC_PVNd3PrewoXOp92e86mPZil-iCLTv1uGPaJ_UMijANSbYh9D8CkkSmiAp6u_ucexGo5I

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7DBE 8 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3480
x-xss-protection: 0
server: cafe
etag: 1596694241577312856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:51:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7DBE 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 10:17:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7DBE 20 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DBE 203 KB
64 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 079F 0
19 B 84ms
84ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVxwTjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzAFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QMkhwqsWM3SbYehKHzZjEba0GvVnFlDPbR3kxHOwTIQrjlM0cEVpmABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=ahXzkq_o6Vw&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_qMDfm-jOAltJXcYpBapCKqh0a8bQc6VzXAvO9qUU-pqEDQLPGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 079F 0
39 B 50ms
50ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j9jafp4kn9ah8v1n2rpnxc35zvkshszf68qa878bgbvcksk25z698ndgypfxq7strpn9vqpcw9x2rbsv5y4nw35cdn9axsaknpcsz93fn2rjy0chtmsgq5exfshj7w3bs20v1n2zrgznm845jmtrfra202810wq4y17sz3n4x9898dfyvfyjwx1masbtjm82wsgrrwhsj79m04sx5vnymmndmtnd1tmzaym3freqax1azsdvnry5ca8qra92156nnjwf4t869qd84gnspmckbnc7na9f8e6fyw15c2n0517jy27awd4m28bbdvb5kq616g8rc1d662h0hxs1kpezkw0q71wjr7s6v38y0458aq4vg9zv98akkp79pzrnffxn1hg6qqa97rkqr8&b=ZYVsjAAETzwH_aMtAAMvh-ZQ1wKQ-bcsEPyIpg&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 11:01:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C500 115 KB
14 KB 60ms
60ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810711
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzVV%2FmsdTdxaraCIblCcdbWI6Fjzp%2B5Vb1uuUfNaZLJIjdVYvOOHDYdjn6a5DfamnkPUA1MZ0EHsRn4WXvyPRiabyyuMuG9oB28amxGBN3Ng4z8kH2hYOqj0fE6KSIIOzRLykHprKEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8397de0f8a56696a-FRA
expires: Sat, 23 Dec 2023 11:01:32 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame C500 24 KB
9 KB 65ms
65ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 179202
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIupzRKK4BsYJ2GK4lvjOS4vU0SjMj8TJn2%2FOxEr%2FCpBrv0XRIcqkHeYeqfrwlH0tBl69RrsCTVBF1bjJWeYJXJ00gRaIz8uIGoclfmpt75bzK75xHchwO6kk9NG9TdP12WW1wg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8397de0f88859131-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4287 8 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3480
x-xss-protection: 0
server: cafe
etag: 1596694241577312856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 20:51:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4287 3 KB
1 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 10:17:45 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4287 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32833
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4287 203 KB
64 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C718 350 B
910 B 159ms
52ms Image
image/png 2606:4700:20::681a:61b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1926737
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iW0O2GocBck41XaxW1pU9ITugwXVNI62yVxzXnh5zDNMY0o7U1vgfoAwLcS0BfZ6K8YY%2Ba2Jg4UaiOJh%2FoCBuHOd5P0CZQZSu5Bp91v3rZXwTlHMFUc33fALxoQjqwKIrSXdxnfCgW%2Fv6lmjmPY%2BqMz8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de105e30694c-FRA
expires: Fri, 29 Nov 2024 03:49:15 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 50F6 2 KB
1 KB 70ms
69ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2013481
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8397de0fba7f696a-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 22 Dec 2023 11:01:32 GMT
expires: Wed, 29 Nov 2023 04:43:03 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9PEUL7xAcULcYdSU8EM0Vkqglapgd6oq2MQAw2ggsxcQlFqJSUANML5mROiPg3EnPOOh3ciNGNPZl0Fp7Rix6OFAzsXkP4W6%2FQZygWHpYReOUw6mzxx6q4fSv4pDiI6vEOkYRY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame A75C 2 KB
2 KB 77ms
77ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0f46b2918e477200be87cb94fe5fcefd6709ca57d8af751446b14a8d0ce298

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8397de0fba84696a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:32 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 330A 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Fri, 22 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A043 0
0 158ms
78ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO75IlrGfP3kD2yvIY67gp7ax34yJBKk9hcNztKp_jTq-PW4oLUCoHVO4sy5jsN3cRibmOzfPnTuRS5M9Ftj3lCZ2KQ3wLWllC89uQ8o3wagY_sUujLdDWA7_QjrIjHDMgYVp1GhEUN8jh_3iOiGrjvJeWbkwgEYq-JGVotfrM7S64e8aqaIkZwNZmT5r9qxalsZ4nUiqYxy0alc16B5M-KvTAf5nN1KM7HeaRHOVrBg6_h-rMExQRNiad9oNcp5n5g3_ue1YKsyOGsw_mF3dkuQ6gth7zB0cWBiqKmR_vTEV4HFqG5XKoOwTBpYYMWBZAnwfY6lqvTV3TDwNEBFzcIj7JgF-CGWkkc04M3TwPMRRuPExLRDKn0JoGSqWQUe1yQ9Prj327J6uUdNHyT4U&sai=AMfl-YTH09xM5Eq36puLoWJ1pcTUzOy-hpOyFsbr9hr2I8a_OcTADLBPVhk84hxbGvssndskXHyZIS0JHS6Gr7A&sig=Cg0ArKJSzM1GgDYlxSQIEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A043 16 KB
12 KB 182ms
103ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc1152c6791393462d034fa657eaf36ac8dcc73b4e22c6258628d55c9ed15481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12214
x-xss-protection: 0

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame BF7D 2 KB
1 KB 60ms
60ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2013481
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8397de0fca96696a-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 22 Dec 2023 11:01:32 GMT
expires: Wed, 29 Nov 2023 04:43:03 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1eAYO1nfMMQ1PRk49jPdI7IWvSPTgBD9BlpX2A6BS2rOD%2B%2FmgS8PxScCE%2Fjr2vJk6sT316OFksuJ4uFu9MhjwARQBIDblxntleOc5Dl8ZxcG%2BB8xTjnG3QK26XZlSCOgfdQywE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 7DBE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42422cb1706c506eb32f3e19a4875cfa09172363192641c062a035d4f46309b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame C428 2 KB
2 KB 67ms
67ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

867c548cca19b22658f84703546e5bfd0f399bdb4d0d68ac45b2ff9597e7c97b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8397de0feab5696a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:32 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4AE4 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Fri, 22 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A75C 115 KB
14 KB 53ms
52ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810711
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn9Tq8%2FPALRZ8%2Bno2KGl%2FGA8yzLY83D5DYcugYGG1sACpRGOpdI1ThCd2aP3M%2Fx5Vz0hkv%2FeiP5DDe60mLFk03xIqsSj7jOlaZ8HJ%2FMFdtLRt5MvJtb5%2F2JH5hn3IEKaArPsXxyVZdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8397de106b33696a-FRA
expires: Sat, 23 Dec 2023 11:01:32 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame A75C 24 KB
10 KB 91ms
91ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 179202
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaXIjSF4GEVu1HyG2EMhoNnmDPYMKz0%2BlGSPDKXiJ%2BScy4Q%2F%2Fw%2BkGSI6zi3%2F49UCYmu8l9jWON3%2B2iVNkLuDyxIDxCNu6G7ANGufP2AOFizfT3BxljLgQ5CFhWSYxWECYKbzQd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8397de106b34696a-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C428 115 KB
14 KB 92ms
91ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810711
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddxGHYHYGKCXwAjYye94JmX8MsgJoqfmUoZ1KSqkX%2FbQ8b5OsrUqLwHiF4GXF96Jg9TlUpTocDr4VRkV7oa5KAenYZ4cbCXAlzfT13ppMAdpHnUUNleYDxMZ8af4QLHIjvKPfqP%2F8lA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8397de106b35696a-FRA
expires: Sat, 23 Dec 2023 11:01:32 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame C428 24 KB
10 KB 51ms
50ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 179202
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPG0v3afkOOULHgXNtl2jGfbCYkxHZHAEUf%2Fzg5r%2BOnJJsnAy3TVVPfnOiknAg34xmXHQWuZ%2BmCe81wV6PGCr1vHgnfrTeRFBguL%2FKhy7j8DiaNgXj3STT2k35q8SyYt%2BnyCRnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8397de106b36696a-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 330A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmQBhgBTYefk3KopEw5FkhHmsYzBPftBBAVVw-wCZLm...

170 B
188 B

49ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmQBhgBTYefk3KopEw5FkhHmsYzBPftBBAVVw-wCZLmrPoEJgnHQBtXYFS5hRTNULK-pdAZaV_-QFzzUft0cKIKAX4VtlxCH

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 11:01:32 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmQBhgBTYefk3KopEw5FkhHmsYzBPftBBAVVw-wCZLmrPoEJgnHQBtXYFS5hRTNULK-pdAZaV_-QFzzUft0cKIKAX4VtlxCH
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 330A
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEL1LUNv8Asv3W_BguzJpGjg&google_cver=1&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iP...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEL1LUNv8Asv3W_BguzJpGjg&google_cver=1&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx

170 B
188 B

51ms
51ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 330A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blKXQ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blK...

170 B
188 B

48ms
48ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blKXQSRBje3IClYsGqip7yVCn

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blKXQSRBje3IClYsGqip7yVCn
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 330A 0
236 B 380ms
57ms Image
text/plain 2600:9000:25e8:3400:1b:5138:8a40:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDlLTQvT6OS2pO2z6MwAMYE&google_cver=1&google_push=AXcoOmTi2BEaLi-rq1hpxVCD5pha2WeTD0UqMHILvm2baM27wC6fqTQHw6s3n8dqcOlzMCfY1zgwW0hE2LTYGNfwLywOnQvzpXs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25e8:3400:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cache-control: no-cache, must-revalidate
via: 1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-P3
x-amz-cf-id: Dax2bfplvYFuju12mVYjGYM0GZCWxVzDMj2lT6R_eTkKuBbjcKUptA==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 330A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-1e27c462-4877-430c-a868-93eb3e6f316e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRNhMqqXYMMclnIZBtir...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&google_hm=Ax4nxGJId0MMqGiT6z5vMW4

170 B
188 B

48ms
48ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&google_hm=Ax4nxGJId0MMqGiT6z5vMW4

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&google_hm=Ax4nxGJId0MMqGiT6z5vMW4
date: Fri, 22 Dec 2023 11:01:33 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1e27c4624877430ca86893eb3e6f316e003
content-type: text/html

GET
H2

200

report
sync.teads.tv/um/ Frame 330A
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECemMGPmCgcq...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTOoJkt-JlUa27kBpikmwLt7awp87fsgh28HTE48eKTHJjib9sK6H0im81v_jNRyNQrZ3fc-tMUV24bf67TisnDMN3S-l0Xbg
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

66ms
66ms

Image
image/gif

2.19.104.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol: H2
Server: 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-4.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 22 Dec 2023 11:01:33 GMT
pragma: no-cache
date: Fri, 22 Dec 2023 11:01:33 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 330A 43 B
145 B 41ms
41ms Image
image/gif 18.197.41.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJ0uOcH9pILQwopB74d6Asc&google_cver=1&google_push=AXcoOmRgTRGDNSFsGzKKdJpZbSIm1iT6Q7jnaE6pXaFKQ9gUGZDryJ7Td3nd0bkotymuQk6pU92BmG-ZlHyI3SnKuwE-ka4xOQIaiw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.41.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-41-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 330A 0
12 B 46ms
46ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JcLtrBNfIU7l24EE0h0A1YoIMifzxDkD4Y-1hry7mp3FWNhWLV6fO4vn6O0Q5XXWWYL2k12Tg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4AE4 0
103 B 43ms
40ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDNWXNF6YnE-jKEp9D4tA7Y&google_cver=1&google_push=AXcoOmTQqNsSy0wMQBBLVhCCxuNNnpkzDJiTFrGOSzT81mjRGwvAVDSf6tHmW2DSGpNCQOkzQCMl_kbAIU_cvQbCDN5N6RTD0-B_
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AE4
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKmSpIvl-YexYsFoLlkhQE0&google_cver=1&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJCyfqaKMTcSVig
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJ...

170 B
188 B

50ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJCyfqaKMTcSVig

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 22 Dec 2023 11:01:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJCyfqaKMTcSVig
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 21 Dec 2023 11:01:32 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 4AE4 43 B
362 B 45ms
42ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSEyOU1LdU1hpsAStABOsffWzeY4uejfZ0r6ym8Ckvf7dAvpU-aYsFtGWvuycxoepqi5tRbcue0p5NrW3P6QniIMRaFex5i&google_gid=CAESEHMkx1PcI7xWWJkVBJtasQA&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 250088
expires: Fri, 22 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AE4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHGPse3mVBIJjZz8IhpC3To&google_cver=1&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0b...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCOE8tMTMtSzA3Sw==&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0bIY2MZkLcsMYEDKXXU5Z8G6Lo

170 B
188 B

49ms
49ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCOE8tMTMtSzA3Sw==&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0bIY2MZkLcsMYEDKXXU5Z8G6Lo

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCOE8tMTMtSzA3Sw==&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0bIY2MZkLcsMYEDKXXU5Z8G6Lo
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AE4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_hm=ZYVsjfZiGd6ghCryqwmsHwAAFKoAAAAB&google_nid=index&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI...

170 B
188 B

50ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_hm=ZYVsjfZiGd6ghCryqwmsHwAAFKoAAAAB&google_nid=index&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI-egYKK6pW86dv5_JjD7DsbRLhpw7MH3k5bjnlAWs-Rkt3UB3J42Qm2IeU0-6Y2B

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MABe3L%2Bv%2BImRMjlFv0E%2FWPXDA%2BLz4CkVh3jMrggZPR1DXJisgsyR7xSAwmLhdNlFRlcCykm1Jh%2B66MKWrh7V5EIPpAvhAa5JgtxyLYwrVQmN%2BWXQT%2B4B8UfJufNY3EVXMDPJu03U%2B8HetA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_hm=ZYVsjfZiGd6ghCryqwmsHwAAFKoAAAAB&google_nid=index&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI-egYKK6pW86dv5_JjD7DsbRLhpw7MH3k5bjnlAWs-Rkt3UB3J42Qm2IeU0-6Y2B
cache-control: no-cache
cf-ray: 8397de12fed5453a-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 4AE4
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmSi1kVz64WPryjs4GSKl6XvzzY5ra6xkoMAOEhwcNrfXIh7ERk4fjWXE6arZT74PZ3CdZkKcLmesiq...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSi1kVz64WPryjs4GSKl6XvzzY5ra6xkoMAOEhwcNrfXIh7ERk4fjWXE6arZT74PZ3CdZkKcLmesiq5n91dEnwGNLwxkOoyrg
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

39ms
39ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AE4
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6ek979Hy4QP_C6qfOg...

170 B
188 B

51ms
51ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6ek979Hy4QP_C6qfOgndxCYVQAsARbjlIQfY9WjxDudttW_LW2GH-DiZMSfDeEtg2lfOxysNUCMbVv7e1qfXzw

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:32 GMT
an-x-request-uuid: 124b91cc-3758-4ed6-84f2-7655fa00ea76
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6ek979Hy4QP_C6qfOgndxCYVQAsARbjlIQfY9WjxDudttW_LW2GH-DiZMSfDeEtg2lfOxysNUCMbVv7e1qfXzw
x-proxy-origin: 80.255.7.100; 80.255.7.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4AE4 0
12 B 52ms
52ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbChtnDqC8ptXE9LRqKTBPYtI9QQMeyrldJwJsnVVbK1DCyzaJ7JpwoiPAXv4udq5JM7tcBy0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C500 350 B
639 B 54ms
54ms Image
image/png 2606:4700:20::681a:61b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1926737
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVjMXlpIvj2QY32XmOQOVrkWS6mqpQiASnxVGYuMejVRL9qg3c6NDWjPzjPWT0O6VO%2Fe5cVdeB26TyNDmtyD4z0W8kamKI2A%2FeLXGIfvWW1ncEzIgLlz%2BCZEkoluG0iANwBfrCcKXxQ6cXs6i%2BOvxKUB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de10be7a694c-FRA
expires: Fri, 29 Nov 2024 03:49:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C1D6 0
0 76ms
75ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvm--swa5_uj6Lw_QjYc07bDEYFzmjdhRDXXtSi2Jqpp4T9LCE18rPjBByUm3orTTdlfGlv6IkNPM6nC6eId6fxXb8MKtlyq7t9uVP6Cnz-ZV0MD_KNu0earKxgTOQcOHoyIJ5t9fkdmsglluEqblMQTdRwAC2T5XGtFar2dH7GYFkmcSdKKy9tl9uv4pXnSaZUq2cPuget84j4GZ_IVdPARD5GMt5RkIlbAJFkjyJTOsiGcNGeh7w-D5qnbtJwcNowMWop0pN9TOr5IQHWFELQpSA9em7VyJjMxBWl3zzPMxHJfsJBRs5qdYHzsoYuxLhAUeqr78DAMUkG2hbByTV2CECo_YqrzBfk_vR6-Bf1zYjgZ2Cm4EKciJVBB-tQpO0F_h8d_57YG6Ugeq1n46SN&sai=AMfl-YQ_19glfGPCK4l_EjmEM8VFFN3qDcYiHL2MDpB1Ku3ZOGKKWVlI2tYaJe2AyI3yIBMKCRquckTZHNMzQYA&sig=Cg0ArKJSzGua9Aih0G_iEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C1D6 15 KB
12 KB 87ms
87ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94fd0fbd71fd2b1ebc82c0404b3bd76c9099bbee0c5361a7069822f889728be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11939
x-xss-protection: 0

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame A4C6 2 KB
1 KB 51ms
51ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2013481
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8397de10cb95696a-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 22 Dec 2023 11:01:32 GMT
expires: Wed, 29 Nov 2023 04:43:03 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2d7R8sPslbi7itYtP7JCnQVl5vVqYIFcAi3JkroNC7eQU1LPlUf28UrrTtxG4qzCL3koBMzBmHUOgmV9Fmh9RwvOCk83RrUv7XsIwwguSf0X6epISy%2BGBRCTjTCBbMY%2F8mLRr4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 347ms
66ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8397de1288dc3644-FRA
content-length: 24
content-type: text/plain
date: Fri, 22 Dec 2023 11:01:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SVxT0Y4ROBnfyIZ5s%2FCZVGWMC7KlzHJlcFo670zVDPBhquHslB4%2Ff7Lagss74XcYjeWj8Aci%2FUdq6lPCaSAUicy4nF%2FCOrLeoE8aXSP71%2FCT7BtZS3RNEdt9%2FCJKHi8ubhSqv0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-qqr2

POST
H3 200 rs Show response
ad4m.at/ Frame C718 1 KB
1 KB 70ms
69ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b72a92913062223f56ea8d20589267234fd8ee714fb46607968711a9d6d63d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFQp36NAJs1dxey5BbTMXs%2FPYV9FM3pAuVJkAIT7qeik9hSumMbsEfBAJIZsvoX6QZHpSArSdC2365v8skHGUUNRoPSnsUqkMx8xVCG7zAZ8oyGCV5JdqN5NKRvLFuOWUoKxycE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8397de12f96b3644-FRA
x-backend-server: aa-reachservice-group-europe-west1-qqr2
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 4527 1 KB
1 KB 65ms
65ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b2da1d8d97bf0f9c6b91a686f349e4ce0e46f0c24ce6ffede5568a2225139b8f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1tAl2KYOYzZCdmCjqP6Fwbq6D7oaMsEgd2AvcZarGwgdcs2%2F3nTq6cmo5IFYt%2B2nuWk9t%2B9cSC1zL%2Bx8nnfTKMUcvVNlmEcuutbqTgPptjCZkTarf0xVUUzWMkj8CtLs2J5I0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8397de12f9663644-FRA
x-backend-server: aa-reachservice-group-europe-west1-p07n
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 344ms
63ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8397de1288e33644-FRA
content-length: 24
content-type: text/plain
date: Fri, 22 Dec 2023 11:01:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxvAfadGx23%2BiNtVGb8yiWLKr2D2EGKIf9NB%2FMXVDifN90EMKME%2BKmv1%2F%2FAGIBpfhlxXD71jBMFAPSyVbZcX4GMOtGyOLQRS32xuMCOM1Xre05nhXrodhfviqQvQhCN%2FeMXxwuU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-p07n

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A043 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 11:01:32 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A75C 350 B
639 B 50ms
50ms Image
image/png 2606:4700:20::681a:61b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1926737
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocoCB66YTcGVB%2BeI%2FGW2y9yCCNx5nc4U3cdOOmQRS6ALLAkGmcenOj6WTN8MQpIbQNW47ykvP2DJVSOiDPMj%2FUfyC0hlVY%2BB67rHM0Fiy1BsKBZbN%2F3YF19luLMH3FEVncnEHacnbT59sPm8tATtbR7L"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de10fec5694c-FRA
expires: Fri, 29 Nov 2024 03:49:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4287 0
19 B 81ms
80ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cg1kOjGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzQFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2ZBFbn173ESNLUwQEhwCL-D2718R3z3F2jra2RYD6QZuxxGHoMD2gAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMDgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=yvTyaQaQekQ&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_9BEQedlX9m4weRpgTVXz4zseFG4p1UgPPDx02RaD9SDs-3svGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 4287 0
39 B 50ms
49ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hpj4zkpx7g8tdccjqj8k6g080k94tw1qjayxkv990ybwg3937h87d7nvrnz75gtsm9jn7ksb6zcqxx7zfkav11e5qvbc72a28ys2tzznwqey92kwvp13cps70rqrtb36h0ehk643nztdf8w1by7xc8c5xxf9pg6vr9wx3s05sx87xqfhc9qeb32k0qntjsg8cdtej05a5726c2pfwepzs7qdh17h5216csfx93h1mfxycnxkq9n12qjxctfyfsyne02mc8yxq9e23ejcabcc4eh06by8j5d91hqf8b9vfm00x6mgqrvsczvhatqzmp1pw5pmcbw5ghk0jahtn7vrmvdwrgmdgpqdtpt4v3vrbkkfm8q5xcgj2e6essf2pc157rykcr2zr6tjt0&b=ZYVsjAAGt_MIu89iAADoTLp-SSmIlEQ9d71lbg&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 11:01:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 6555 2 KB
1 KB 57ms
57ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2013481
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8397de110bc1696a-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 22 Dec 2023 11:01:32 GMT
expires: Wed, 29 Nov 2023 04:43:03 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfCjl6EENvE5kF2J67wyZR%2BnNuXQF7xF57WuClSzCF%2FRU%2FRWDfY8SStvHWdaHMYyX77IUjImPkXveIutEJ94b%2BD2YHWdirxco%2BruwA%2Bpc9DKxTLe1FMOpvH%2B62%2B%2FD54hB9uRBE4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 8561 2 KB
1 KB 50ms
50ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2013481
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8397de110bc4696a-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 22 Dec 2023 11:01:32 GMT
expires: Wed, 29 Nov 2023 04:43:03 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUtptv0dH03EyCJ2nElYtbldarDddNtGWZwitMEn08GHh8u2UdWmhiY51d6SxS%2FGHx9K1MkbKXPaxmIkKtAzLttBFS%2FAnX%2FU6eCfbM9GNF8xsdiLQY6nI4i%2BvUC%2FEnAw6u4bBmE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C1D6 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 11:01:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B569 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 10:19:47 GMT
expires: Sat, 21 Dec 2024 10:19:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B5DD 829 B
1 KB 51ms
50ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

29ef0739d5603f89381de3d3cd955be635a16c212f5122ef604feefb145a19f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ePmoiYu3h_0UYCnbug81tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ePmoiYu3h_0UYCnbug81tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:33 GMT
expires: Fri, 22 Dec 2023 11:01:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3138 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIKP2UUA5dgz_i1jIDt_l8elvdj1yAv3Ie6sFLPEdDit2CcX8ZyqCXzM2kHTxxydqZqZuNiyoBnocR-WaUGRxuYEzUG7lVgS_kVMhHb1l8be9ybxbSFxZVeV82ymTRIa8_Sv5ie7n7GWZ5fI9uF5JQm53Q99B6eMjClssdmdsL4RNh8dTuffAWrkUKzpgAOV3UmU0C4wewNroTo1SsZRfQORwGFGSaGX31erKblHWNLeDif5g9nb4tAMZttJEngORjKwIfIoFGCjEnkngdod3g46wZ1dGeddHaof2bg4D_zRK7Z-V1enkO8MXdivY9yviYGQHxpguuRjW3qt_QPMN3QzPffV1kXeQY-CX3j9rsN_0VFGCXXwKek6PsarwAxc4t7g7Ek0OzjaFLpVqKodmz&sai=AMfl-YR7JjnIfEUegI7jhXOyil8ANoXkR4RbCo6J1Iq815ShaR4XjZpNQrpsHH6TKu8rpymmWUNrzIqMrRNnXpg&sig=Cg0ArKJSzM3Riq4K4nKvEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 11:01:33 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3138 16 KB
12 KB 90ms
90ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78693fd6e7380b2962ece513f734b418641b263e302684660323b93961ce7bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12237
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F791 0
0 76ms
75ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdpBAYussLxI_Ko1cOjkIvPaUqC1P-_yikv6amIHD2oWZerrR5Y6o2RDmeU42N123Z9pyPkNpL7n-yxcYXXTrY5i3BUZoGvo3afSh7nmS_zHzrcf3_cdM7CaPsZxf8vrJGHKW3ThnUzGiGrRISYFl3dGeBaSPzpHc9sVk8qFJmZVESFda501CXrO9fykOUFvtWiwfH-3HpV0YVcUGaucelvnmQz828NDs4Ug6pMDcnHJT0qV22MQSj1EAUT9oN7UappBMWZ3U5EEusb0vkSY6kyEM-WYTw9eUH7K4C426j7gy-u4XKIj-gGOo7LDipYJSZbxwxwlsq_fP9DR9wkIdyVwC9RVl9P45Pz7v0Bx-zfCfONVmRqiqPhI06_9P2swJo8nrIHpjAmZEIOfKyjmw&sai=AMfl-YTyELNjPFVaD4o_uv9Tc3s6OfeGeZvqgaZ2qdHpMDQSysYh68P2O9c9H1OuRSG0cs3AkczR2-0MMwjF_z8&sig=Cg0ArKJSzGNA1m5qeWePEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 11:01:33 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F791 16 KB
12 KB 95ms
95ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec227134d399227fe358e0086b7e5537b5274cd941b5b5fb0e565c4eb13a56b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12130
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7DBE 0
19 B 82ms
81ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cbr5kjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzQFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_Yb33_1fjSZowh-7hH81-K9VITf8atQGn1AKqA3EL27NXU8KzIn1gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=BBqnDqHhDZE&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_XPsKTJ06_Vi1oeLMb8hn04J9hXLc7KxEvNVhbcOr92Te5lx6GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Dec 2023 11:01:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 7DBE 0
11 B 49ms
49ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jnmkcsmhcskhz5zg09avxrarjks2t5n5gv1dncz50p8eqkg0ag55pmgq63ez7bmvs3swptxk5swshr3j7w8httdhmpnwwd48e0ap8qfmq4qjxd35trkqv0xtrn4gywcsxjqymp5sxrprjxq70yenmgztxt7njz9ymv1xb7nkccf5bdcxbbt7mhajfm9jnz85s8zehpyst5rz6h9cfs62mzj43be1vr2adf7weewxsyc1fy8s5js7xdc94ptkke348359yatg7q3h0ng70kby26xexbc02y8znvv052f2b95dppkhxpxm5ns9y6h2k9ygxcvgt8a39zs80ce24jcr8xw9z98pxwhqq2jf94b135qbf8wzzn26yev4da5psvfw99anzjq08qng4r&b=ZYVsjAAG8NoIu8PUAAKNszvlctmc_hJ4PED5eg&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 11:01:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6085 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 10:19:47 GMT
expires: Sat, 21 Dec 2024 10:19:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8C25 829 B
769 B 52ms
51ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

26030c67cb2fdca21d7a79476616fdb6466ff96e9708a24c4c1f6677b6ad55f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f2pL2kudCwcKBwrwZn4x-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f2pL2kudCwcKBwrwZn4x-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:33 GMT
expires: Fri, 22 Dec 2023 11:01:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 63ms
62ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8397de12b91f3644-FRA
content-length: 24
content-type: text/plain
date: Fri, 22 Dec 2023 11:01:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLsgdbk5SgHoh3TTKsHJvTixqirKRaESXKrCn3PIkDIYnRY8%2BZfRG%2BKtSQ%2BRCHR3s5AuE45dTI5u0RCyhFUEUcSiqtvga7oBQITLGOTpQLL03uQeT4UWPKw9ByPfv6iPXHUE3BY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-qqr2

POST
H3 200 rs Show response
ad4m.at/ Frame C500 2 KB
2 KB 70ms
69ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e817fe0df75a2ccb8908c15918c041961d4dd252ed0ef6a33fc8aad26ca00161

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXhEOBCiDW5ELpZXvPbeM8%2F%2BUbuG%2F9LlnZJWmpV93fIX4MjgZw0rGUiJdp8F%2FcytP35WLk8gi1T8MRPxGIrWZWpPihj%2BQLLVwqOS7QnOKkC1FcBSy1ocfkU0xMT2MACQ3K2gB7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8397de1329aa3644-FRA
x-backend-server: aa-reachservice-group-europe-west1-p07n
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame C428 1 KB
1 KB 69ms
68ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: c8faf99fd993e58fc0a8cd69550d2a57eebf491b4a8bc7bbf9fa7fb2d7ac39b7

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIk4UFWFAl5O8DYYwBFtr0YUAwJ96yMxBe%2FHIs%2F4v7XpRQvwwFwOO6WfJsCjSddbAcU6gALK4RyoyMqXCT6XqnW%2F%2FcBIfFJrCnea8pjmLYtxV7UCIp8HdMPGdKTJGyqEoKvdnbo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8397de1329bb3644-FRA
x-backend-server: aa-reachservice-group-europe-west1-qqr2
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 69ms
69ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8397de12b9213644-FRA
content-length: 24
content-type: text/plain
date: Fri, 22 Dec 2023 11:01:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RK%2F3MIRftSo8EJCWbywTufBd1Ba6HhHc1BnLfS6CftFMatFhOxbWXMsL%2FQVMue7BohhWIOmADhG7xLCvS%2BPknE25m%2BDD8ZJsRUnO4TlN7ngcQ73FfvekhXgp8vfKt2lcuJW5zc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-p07n

POST
H3 200 rs Show response
ad4m.at/ Frame A75C 2 KB
2 KB 66ms
65ms XHR
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2d993f50ef7d1ef5baf8468fa8c632211a101343450e640468e3295396388d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AV0wQ0QdAMZJ5XVZ1PIPQIoZFp%2BDS2fN0IdOf0KdrUZeGaVlDXKKRDs%2Fahvj3I1WuYmjU%2BfXNu2xjSqYFHWuF7ufeKJ72BBLAdT%2FnkjHIJrlakTItWQ44vSmRqKvut%2B60QxLrUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 8397de1329ac3644-FRA
x-backend-server: aa-reachservice-group-europe-west1-qqr2
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 63ms
63ms Preflight
text/plain 2606:4700:20::681a:ad1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8397de12b9233644-FRA
content-length: 24
content-type: text/plain
date: Fri, 22 Dec 2023 11:01:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2EesA%2B51Yb3xIZdmk3VVvfs8JvVpf7y0pfUcRE88zoHWedPE2prFZg5oDBSxERsPKq7eifZJB3oSgflnIyyouVtqejTW93jUP1XmdVkLTxI%2Fq9ZU%2FN1oamzsQ7gn56UGjQDA%2Fg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-p07n

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B569 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B5DD 0
0 74ms
74ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3970707060804890&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6085 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8C25 0
0 74ms
74ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4053400509795091&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8EF 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnCy11sAnygD950D2oUDn4DiXJYntFFtXmr_VecG54LGvf8t_430SvBLtozFwRUTGMdXXukIVB1wBdEYNFZg3YQkEN3DPx3IEsnvUcX9LZdtyozA7zM2jjoWznXvyBxQ0hQWRxEyB5C9AAYBleWHu0P1S8WarJREKt871uSWjdc9bkNVkBxg-qmt6ogl506yxZRJFuyo9uOMZjqVt3ujScKCas4IJPNMohoO609ko3vQVrRAY-wpzETW2Jbj9UnK_GkwISkDlapmUUiohfsOIEdyhczXthjT3jxqdReonH2S5B_dnqGDF7-OLGvwcghDPU-U1sBDWRpsB4uM_tybpl2loCmgEEYE_-lnVa2l4P0NFVzPzZCnHML_0HHeDa7w7xUErSg3zb7AdbgYmELEaP&sai=AMfl-YSX1gfet6FuYR3PBWoUORqCyCr9eNl1lO3KzPnuDJc87raqSpAzSP4trUrsAOz7aTAo8aD5HVAj9ElauaU&sig=Cg0ArKJSzMkMvhEAY2VWEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 11:01:33 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E8EF 16 KB
12 KB 87ms
87ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2178b3bd0c2cc7cfcd4b46abe1f019da9afc22b4b2de0ddd0f104de9b4e420e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12313
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3138 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 11:01:33 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F791 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 11:01:33 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame AA4C 3 KB
3 KB 76ms
75ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d6654a62f272de17f6ecfcc755101b008d42ed334f70b653d5afd51495636f8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8397de136e0b696a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:33 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 93BA 3 KB
3 KB 69ms
69ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fea91d88ec3a7a0e721f2a283f71aa532ab947d817a4e82f933b2e269e074739

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8397de136e13696a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:33 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B569 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6k4_Tg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 5793 11 KB
5 KB 67ms
65ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e9a71de8640d1d2451c9db5982ca3d2ba217f13d0315baa04411287db42dae7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8397de139e3b696a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:33 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 6EB7 11 KB
4 KB 78ms
77ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

539dcbf05829f814ac43ca279d55baaf1821174a080a32fa6e08d488a3f88358

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8397de139e3d696a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:33 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6085 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TKgIhA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame B555 6 KB
3 KB 68ms
67ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c654b4d50ad1ad7a804399b703554bcbd7f5882c126a21f0798de1a9e99df18c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8397de139e43696a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:33 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 257C 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 10:19:47 GMT
expires: Sat, 21 Dec 2024 10:19:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7C6B 829 B
560 B 49ms
49ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90f10ca4b4b71f7d97bb2bdf4f6566f5bdf2b5b339da48738b1d2fa4391a7df2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oxjwQ0AHQ-6NwJyd9GmQYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-oxjwQ0AHQ-6NwJyd9GmQYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:33 GMT
expires: Fri, 22 Dec 2023 11:01:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F78 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 10:19:47 GMT
expires: Sat, 21 Dec 2024 10:19:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B968 829 B
561 B 51ms
50ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d9c3d077667e6e6e6db0d58ac74ee13502b643d66a63dcf213a9991e7b5d1b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w8mAq_JT3uWTUKLF58fLDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-w8mAq_JT3uWTUKLF58fLDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:33 GMT
expires: Fri, 22 Dec 2023 11:01:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E8EF 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 11:01:33 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 93BA 115 KB
14 KB 56ms
54ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810712
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWWLyVOj3%2FTNRDku4Y31nyP%2BHHGSe25ahVE%2Fw92KbS40qRYJlXspmZIxi4nXStJJIen%2BytS8nNCzh1METysUCd50kAMS2PUFtk0cM0I8JnxXPXzG1IBjXcrce8G14PgbZi%2BKSDVQ5I4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8397de13ee92696a-FRA
expires: Sat, 23 Dec 2023 11:01:33 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 93BA 9 KB
9 KB 59ms
50ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2007970
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBwEf8n7kIT6sJMdKr9gQ2MpOxNrdH69eUPsSNFNVkXpVvm10e4hDTOZ9JdVaRxET%2BvpMCWgH4%2FlbGdM79pVl8aW0AlXUzg2YibniEdbCtvIObLjZfrz%2FVhTlcoxKSomRdzKkJ0WaDWpWyFb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de13fe909131-FRA

GET
H2 200 7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame 93BA 21 KB
21 KB 62ms
53ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2098584
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 21332
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:58 GMT
server: cloudflare
etag: "50190e2f2596fbaf0b3827698ee24008"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D%2FNFGqae%2BQUjP1Liu9HiB6bDcyutKiglBYoprE3%2B8Yr7J1qiDtGoR%2Fc8I3PvkF5qFxTHjlmVH6ZN68FDEd3uLqElk706P9uJgQPyQnTv1DeAuZ87XGqOfxc3GNNIw%2FleyeS%2F%2BefMI8Eae7F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de13fe8d9131-FRA

GET
H2 200 2aed39855b5f46b72660fe7fe4b2634f
pv.medialead.de/trck/epv/ Frame 93BA 0
326 B 165ms
51ms Image
application/javascript 91.121.248.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720104378","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame AA4C 115 KB
14 KB 75ms
75ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810712
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9qHZVw62pdv1nlebb6RLX6AwiOptvHnfiXvSuSSURPumlu26qiNhisw%2BgsO6LgshYmg%2BOhFuurACpkq%2BqRDuzQQZ4KrR7%2FiWT6QYW0l6rVf1u9a5EO9T1JkGlhEm%2BGf4pvuCzwgv00%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8397de13ee96696a-FRA
expires: Sat, 23 Dec 2023 11:01:33 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame AA4C 9 KB
9 KB 59ms
51ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2007970
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht4Pm1mkdbukI7G9v4MosUGMr0y6pqv5j3imflVduMX7%2FHli1WN9lhhu3bJjek6HtKUtqSIJ05OM741PJxWYOm1Tw45cwEKviB2sUdHRBUkDAOu0lefQ72Psy7PRqhXw5Ma7w%2BNYNXi8OnFk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de13fe8e9131-FRA

GET
H2 200 7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame AA4C 21 KB
21 KB 62ms
55ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2098584
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 21332
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:58 GMT
server: cloudflare
etag: "50190e2f2596fbaf0b3827698ee24008"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDxvL2RofIno8efbz%2BLp1S4CIW3aQj5bQE6OtNTU8EWnBDZuhwv6m3YcMXt7AEoiQb3dTCKvB5vugDizJYmwnem7vPawyaciCB2C8ngKX4ojkCAfXg%2BdH6lkHKAwpqIVnbmBUcfj2KDd62zA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de13fe919131-FRA

GET
H2 200 2aed39855b5f46b72660fe7fe4b2634f
pv.medialead.de/trck/epv/ Frame AA4C 0
327 B 163ms
50ms Image
application/javascript 91.121.248.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720104378","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 5793 115 KB
14 KB 58ms
56ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810712
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLGMaTxkhVoJhJu3jHB%2FtL689cwbadS6GnOAGjLjVwha5fucLNTMSaIl8hMe93Jf3%2BsN%2FcEZGzPSZTqvgN8MJWI%2BKUqUS4w5s%2FrfMUpXQIyrErtPj7Wt3%2BCYa1hyAMnw1ZqfdbDprX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8397de140eae696a-FRA
expires: Sat, 23 Dec 2023 11:01:33 GMT

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 5793 2 KB
2 KB 56ms
52ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 136190
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0AOU%2BTPsA2WPrHHOd4oo3CWV65AJsgbTQglgPKbCuRkf86B0%2FrHCxXEpFNX%2BMLG%2FA5Wut%2Bp%2BoH9CAECb01PI2qpLeiUcs%2BOjV8f8eslUY4%2B3n0FM0fgDFqvqfXLLzde0CyR%2Bf4D5QXKTawr"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de140eb79131-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 5793 23 KB
23 KB 54ms
49ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3387435
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mw5R65S5olLy6BbUQWqYdJwAZcEVQ5qa41Wulvvo2k%2FFtVyEoV0a%2FntHR%2FWwx2DkXPvep%2BZaZPaB9uTETQ%2BRfWq8uLn9jQeCDOTMI61DZRY3aya5Em2qsD8TgaMAawQm280TQFCZcuXta%2BsV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de140ebb9131-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5793 43 B
702 B 190ms
93ms Image
image/gif 104.102.45.165

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 11:01:33 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame 5793 9 KB
10 KB 77ms
72ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137288
cf-polished: qual=85, origFmt=jpeg, origSize=13332
alt-svc: h3=":443"; ma=86400
content-length: 9604
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 17:02:02 GMT
server: cloudflare
etag: "23e86ef8ba51d351917574e3e8d33ca5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ghGR0YLrZmPiO2P4DS4%2FCTErcVdtkZQNHsry1tP%2Baf4Dk0vB7KwuqsINWDCwpWLVLHBxWNNRy7YtLvKgRhf1Rv43T7V1bW7X%2B1jYdBBXfjfXd17fGiAHIMg7mSA35wpMOSlDCHXqt2k7odk"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de140ebc9131-FRA

GET
H2 200 FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 5793 26 KB
27 KB 77ms
73ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db2e4e6461e2031165b8e5e9c11a58bdc3eb90876cb1bf9a660a96220ff103ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130902
cf-polished: qual=85, origFmt=jpeg, origSize=27208
alt-svc: h3=":443"; ma=86400
content-length: 27004
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 15:25:13 GMT
server: cloudflare
etag: "b0768a8c228032955d69e4578a6f208e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9CY0%2FZp7qWJuWpux7e8kQKZ6Y9FUDznWN%2B91F%2F0o0UMGiS9ilAOALgdCCQpzW3Ly%2FoxTnKuDqLfV%2BjFRCY1pH8zbUyz6fieA%2FczOldkNhLEKKrl9ZLGFzAHDkwR%2BzsTp%2BLuEO2IiR4Cd%2BUZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de140ebe9131-FRA

GET

/
banner.congstar.de/cookie/ Frame 5793
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJDqi53yooMDFc-T_QcddFUF7w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703242893_77f2d161-a0b9-11ee-a9f2-22382f104756

0
0

GET
H2 200 4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
assets.ad4m.at/logo/ Frame 5793 10 KB
10 KB 75ms
71ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 617175475dd7762c2557066f330446636c982b371b142462cf7b4cd7c395f79a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 129869
cf-polished: qual=85, origFmt=jpeg, origSize=11698
alt-svc: h3=":443"; ma=86400
content-length: 10082
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:39:26 GMT
server: cloudflare
etag: "bf7d8cf3c1179b8166a2b621809cce6b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXMfmH9739msr9DVWX0et45KYsS9LEQryw0xkikcNNir61TwNu9m06x4S3CNlxnTHfYvFwAQKFlo9ZKgpBfPLGnIT6AYdK8Smw4lGsLOWPTlzUkuiiOADrM43IFmHjjk0Dd6P9xat8c2qOl%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de140ebf9131-FRA

GET
H2 200 D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
assets.ad4m.at/product_image/ Frame 5793 14 KB
14 KB 57ms
55ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a9e1eedba53e281f772796dd83eb2280b1a1c1c1c9ebd114d5bb7499fde7bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3468409
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 14254
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:11:52 GMT
server: cloudflare
etag: "5354ec8a9e72c8f64868101f5dd44ece"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUaM8MljA2WVxYhWfRrR1IQEEBapyvisgLJJjXx3yOD7lKfqSzFOumRxdz%2FXiQyJ47pVT3HkfO14i1OLV4QpMLmOZ5u6dGuBZnbeMEjIqYrcwGaQ5AGG8E673AXvqOIgLG6ZcDdBlmV9LDp4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de140ec19131-FRA

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B555 115 KB
14 KB 59ms
58ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810712
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ko1gBI7rbaY8dZ91AgzWHEti8gF7mjLO4xeTyJfFrm%2Fsqa4MxFwNyuye1odP%2FLElUwDc3NA6g32XRiOnTHYVhuZKVnPkkyFLixiiuoYSg4cmtZALFgjHRYBkrRtWzWBT96cM7%2F49cLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8397de141ebb696a-FRA
expires: Sat, 23 Dec 2023 11:01:33 GMT

GET
H2 200 71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame B555 10 KB
10 KB 76ms
76ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 132558
cf-polished: origFmt=png, origSize=10653
alt-svc: h3=":443"; ma=86400
content-length: 9924
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 11:11:38 GMT
server: cloudflare
etag: "ca1cf24fc82b7541b262f0d4b15a8100"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhaLIR0Dc3Q2iAwsOTciU8kEagVCC4uMlnQF%2FcnKSAzTTBxpyCKe76Hga%2F78%2Fzjn7YF3LO4bTouCrUWGO5kh%2BcET%2B3vyoImm7GcVIH0q%2BZTkdYVKbhk5cYLbYQnitK9EWxEnZzE4QFPfjNXu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de142ee99131-FRA

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame B555 28 KB
28 KB 78ms
78ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3228099
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28452
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:32 GMT
server: cloudflare
etag: "ad60aab65075d58e4390c75c7ea7b04e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quGL6IZ471ayISIs5tuoS2V3n9qP%2B%2BVU0BEuv0PQnzQXaqAkSH8sGKcFH4WXrq6mzzYkjE%2BIBI0b0PbR1%2B99g7uJ7HkxRGustlVfyux0c4fwZQ4eW7gYFDARqG6fLvatLB%2B4UjlPk5gbEgb2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de142eec9131-FRA

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 6EB7 115 KB
14 KB 61ms
60ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 810712
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9z5heQN98b7GYEQ1ZUngzoyZKYX1nKrUTNA5gZgqOfGqwp%2FCd02LwTA8y1lVj6B%2FqYZHlze20YiMan3DUKcO%2BDmbvkAmT%2Fpleqn6xsmT92w14DEOGusKT3jQ8D5IPzjZ4M9rnOkHsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8397de141ec5696a-FRA
expires: Sat, 23 Dec 2023 11:01:33 GMT

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 6EB7 4 KB
5 KB 65ms
64ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135585
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLPfCxYUtBaoA36H6NmO9v2ySiq2QkCQ9vnE86sZlt2D0wnCuekZ4pJjqZxAjmc1L2NV6htuoCtHNGdrrlwNF7Gpqfykutsd%2FEiujx3yJbzCHZY9A%2Fl4DI2TA1ZfIUd3G3i12%2F9%2FtPvL%2Bj3s"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de142eef9131-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 6EB7 15 KB
16 KB 75ms
75ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1916386
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apsQxp2zVxVj4ECsrzXg%2Fu4JI1ezb%2BZ9k3Z%2FRSXpVkD65NKirkYkp42dX6kGBEIzDMSetNJXmLB0gG8%2BQGeDjfsYSnM18JpclCzqhDZUk5z%2FihlK4B61wLafXIvCVxlPenT3DnnmkgMnLgIK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de142ef09131-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 6EB7 43 B
702 B 180ms
94ms Image
image/gif 104.102.45.165

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 -, , ASN (),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 11:01:33 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 6EB7 8 KB
8 KB 69ms
68ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 129570
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbPZwm21Ty1ilXEStjKEtkM5zjyJbFkroQLZA79G8Sc84fXahEs7FD9mE1Bks2P2KhX%2BHGgOF3x%2FBJ%2FbXyme7JBjY3qj3gU3sCdOZy7Z1NicV2DmTgR70a7%2BeSiyy%2FaBCa2sbHiO79qgZJ0Z"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de142ef29131-FRA

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 6EB7 11 KB
11 KB 73ms
72ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 145506
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xjjxKfGGlJl7MeFXmgNfK2BgC1QuzmbfGSVoFMa8U98QKMOAAA%2BtnKP5rv%2BY8D01xQlF2%2F%2F%2FP2tt88Jfo1yROiiEQZfzBnT5CrAWl5jy11gAbLL9T3xieQVDiM7mUvJWGpmluNOkIByO%2F3Z"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de142ef49131-FRA

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 6EB7 7 KB
7 KB 65ms
64ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137012
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WifneLx459dRGmzJTUQZ%2F4wyD04Jvsgm7KIRE2lZaZgjwR%2BaQiDmNOtqdJqndLYHX8eoHDccdquSXP89WC8KiLvgv0n65Y4Kq6yf9FB2%2FatZ0Elep4I%2B3Jva0ZrYaIG1RrF2d8Zj9wAnHgUC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de142ef59131-FRA

GET
H2 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame 6EB7 25 KB
25 KB 65ms
65ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1391836
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwxxD4gc%2Fr%2BWYjQAEEYpkTU40Ok4VOKJkIddE4GGxZqkFwQkVRp4W2CF8G25WAB8xCrG7SGaMN0NvOgd8czK%2BLCb9AsP6OdegMCGgMgTCjPtn4OrwcHzU1w0fTz%2FMaQ%2Fi52D%2Fs8SgJ5v7Pze"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8397de142ef69131-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 6EB7
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1703242893_77e20880-a0b9-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=

0
495 B

153ms
54ms

Image
text/html

2606:4700::6813:afbe

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1703242893_77e20880-a0b9-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6813:afbe -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 8397de15d9ee1e54-FRA
content-length: 0
expires: -1

Redirect headers

Date: Fri, 22 Dec 2023 11:01:33 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1703242893_77e20880-a0b9-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 257C 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7C6B 0
0 77ms
76ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=510619576081689&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 47A9 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 10:19:47 GMT
expires: Sat, 21 Dec 2024 10:19:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CCB0 829 B
561 B 54ms
54ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5d96f591ddd879e8e7ca5958e0dd3e5aa20d2e469ec61c56066c86bec0171b4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3BhQOP0D9w2KhCZpVh9qRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3BhQOP0D9w2KhCZpVh9qRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:01:33 GMT
expires: Fri, 22 Dec 2023 11:01:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F78 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B968 0
0 75ms
74ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1570296872092261&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 429 link.html
track.webgains.com/ Frame 5793 0
0 204ms
52ms Script
text/html 3.9.151.155

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j8c2m3feyf2njzws6r5hsjn4wzg9kr69ym57w2pjrmtw74v8nh8hwhefkv6svhv5jxraewnk0gn393fvry1ed3mys3b1v8y5qw4nj4m9t90ff80tbz9egc1rd5vr3g4maham613snfs3rn2bqzkssratbvtw45k5hp971cas3jckz32tayx8pezm3gg5z7197rmr44n4jakhp73hfttrs6vhsp45ya86mw63s1v8ar7aq3bhsev4xszhaaqrzyz1jyg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdPoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBWoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.151.155 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 429 link.html
track.webgains.com/ Frame B555 0
0 176ms
57ms Script
text/html 3.9.151.155

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7ty6v350b64dm7eqc9fhb5x2dkrh4ab34ks16hz4dvh70p25yj7cv6pse2sznhsp2nx3902tg8gpaz41dmyvvyxdw207pwr9yvkm045ya8a57rz5jm88m567ap2xnmh3px0eey087dcykdtdtjpxkfd4qzn5ra2xjc2mnd107pd9jrvc3985ykkheqd1wvsaehctjvn5h8s4r5r5cv4xe4zgscyyphcwky8v8g97jkke8nzwt103ermsa824mfkzrg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.151.155 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 200 link.html Show response
track.webgains.com/ Frame 6EB7 2 KB
2 KB 201ms
85ms Script
text/html 3.9.151.155

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jbnxht85kjqctbcp1b46bscmbrst2wqac4qr0cdz0kf8dvrabcwtz6nqmeb50y8e2j308gf6t431dh68gpx180j0m1k4hdt9wtjy9rtz9a7ha1abe13m8q81v31mzjb9bxbtzv858m98pfx15g3pj09fr9q21a3h73ffcnxjedwtfv41gs2q00zmmndecz2tg268hcsn11fbp76vxds38nmgy6fph3kbvbr1p4ktaz8ftt10eqfd850w059nk976kzzc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.151.155 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: 0eed33c3afbfb159d33437fc30355d5c8543c2f133bf36c35711022cba3dd46f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
last-modified: Fri, 22 Dec 2023 11:01:33 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 22 Dec 2023 11:02:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CCB0 0
0 73ms
73ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2231393102354728&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 47A9 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 13:10:41 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 257C 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FZYAQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3F78 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?q6baZQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 47A9 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TCZpLg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:01:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 079F 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwuCLpOukbsNdb6zZEXjrt6bz-th-stH48qcQ0aPlv6oBvQ6gDd8Ev2_sypY3xOhADJZKuqJjCN36cgWLyZVI9gkE_7H-i6fBZTt8EkZsXyWBmOVYGdw&sig=Cg0ArKJSzG9G8ynnPh8JEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1418711512&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703242892249&rpt=440&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 11:01:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET pvClk.min.js
analytics.webgains.io/ Frame 6EB7 0
0

GET 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 6EB7 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: banner.congstar.de
URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703242893_77f2d161-a0b9-11ee-a9f2-22382f104756

Domain: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Domain: cdn.track.production.webgains.team
URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1703243193&Signature=gtQ6c~41vTJwTvzBdRJmtOK4SXuqoX0LUni7ydCyHwwwcmtIfDsnWozWL5qb38yRDo6nuqZjOFLCZREnTJEnQCjE7l8PC-qB3-bAA~f2kcO8pk5D4IKYkM~9GeRTvf55yjGSKQbq1skCvXtuXeVl94rs8vpFy4Bf26qaayvU2rQr1fYSm2LytCCuAdRGU9872UFrE6tK-gjA9NnaIxoeysYJOEaP3RwfaI1aEKFYLjUK12xyZtz8JcsLqE6b40jwZW-6MKsoRHNl5BMWyNSMHr~thk6BwvM6dYSXNhG-e1QyIL~lB5LC7hriC143txBxViceOfPVmPwjXNRppl5LyA__&Key-Pair-Id=K28VXAGA7VWE0O

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.statcounter.com/	1970-01-21 02:43:22	Name: is_unique Value: sc12916097.1703242887.0
.statcounter.com/	1970-01-21 02:43:22	Name: is_visitor_unique Value: 1703242887220703575
.xgcartoon.com/	1970-01-21 01:52:58	Name: _ga Value: amp-XbxgKKOQKxwjR7osDQVOig
.doubleclick.net/	1970-01-21 02:28:58	Name: IDE Value: AHWqTUnoi4i0FNaVI7j45AeRT4vqEhmfVLUU2TIiun7L2NP4MbNm-oAFngxu4MCq6QM
.doubleclick.net/	1970-01-20 17:07:23	Name: test_cookie Value: CheckForPermission
.adform.net/	1970-01-20 17:52:01	Name: C Value: 1
.adnxs.com/	1970-01-20 19:16:58	Name: uuid2 Value: 8951301053833468471
.adform.net/	1970-01-20 18:33:46	Name: uid Value: 8664234539957108725
.w55c.net/	1970-01-21 02:39:03	Name: wfivefivec Value: tYwt2xSM1RgDhy5
.travelaudience.com/	1970-01-21 02:39:03	Name: _tracker Value: %7B%22UUID%22%3A%2279474F27-3844-4995-1AB1-21B139F1CEB5%22%7D
.simpli.fi/	1970-01-21 01:54:25	Name: suid Value: 92094092DF0A4340841270F42541A162
pixel.rubiconproject.com/	1970-01-20 19:16:58	Name: receive-cookie-deprecation Value: 1
.w55c.net/	1970-01-20 17:50:34	Name: matchgoogle Value: 5

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan Message: The resource https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j8c2m3feyf2njzws6r5hsjn4wzg9kr69ym57w2pjrmtw74v8nh8hwhefkv6svhv5jxraewnk0gn393fvry1ed3mys3b1v8y5qw4nj4m9t90ff80tbz9egc1rd5vr3g4maham613snfs3rn2bqzkssratbvtw45k5hp971cas3jckz32tayx8pezm3gg5z7197rmr44n4jakhp73hfttrs6vhsp45ya86mw63s1v8ar7aq3bhsev4xszhaaqrzyz1jyg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdPoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBWoneid__suite_Netmix_Reach121_BESTPERFORMER Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7ty6v350b64dm7eqc9fhb5x2dkrh4ab34ks16hz4dvh70p25yj7cv6pse2sznhsp2nx3902tg8gpaz41dmyvvyxdw207pwr9yvkm045ya8a57rz5jm88m567ap2xnmh3px0eey087dcykdtdtjpxkfd4qzn5ra2xjc2mnd107pd9jrvc3985ykkheqd1wvsaehctjvn5h8s4r5r5cv4xe4zgscyyphcwky8v8g97jkke8nzwt103ermsa824mfkzrg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
ad4m.at
ads.travelaudience.com
analytics.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.statcounter.com
c1.adform.net
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
googleads.g.doubleclick.net
match.360yield.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
prod-rtb.ad4mat.net
pv.medialead.de
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-a.xgcartoon.com
static-de.ad4mat.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.google.com
www.googletagservices.com
www.xgcartoon.com
x.bidswitch.net
analytics.webgains.io
banner.congstar.de
cdn.track.production.webgains.team
104.102.45.165
104.18.36.155
104.20.95.138
169.150.222.217
172.217.23.98
178.250.1.9
18.197.41.124
2.19.104.4
2001:4860:4802:34::36
213.155.156.165
217.182.178.228
2600:1901:0:76b9::
2600:9000:25e8:3400:1b:5138:8a40:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:47bf
2606:4700:20::ac43:4a81
2606:4700::6813:afbe
2a00:1450:4001:800::2002
2a00:1450:4001:803::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a02:fa8:8806:13::1370
3.9.151.155
35.190.0.66
35.204.74.118
35.227.252.103
35.71.131.137
37.157.4.28
37.252.171.85
46.228.174.117
51.89.9.252
52.58.114.78
54.229.5.240
69.173.144.165
91.121.248.44
00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03
05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6b8f3b05a27a98bb5b8ef987e24599301129f33bfccc8f67a744faac72264f
0cbb4a1e80cdad6d5c96c1353aff383e743af61e8d5b157e3379694684b66ade
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0eed33c3afbfb159d33437fc30355d5c8543c2f133bf36c35711022cba3dd46f
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
19b72a92913062223f56ea8d20589267234fd8ee714fb46607968711a9d6d63d
1db88f073601d3e30002743d54a64924a0719eef98c5462c34215148781b79b5
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1f1ea0482ac03225cda20a2b6ac7672db9066ca26dd0ac9c2e2be6e27ed2544c
25032c8c8a338369d566c3325a7395222ce48fa86a4f78ddc0b75c739b175927
26030c67cb2fdca21d7a79476616fdb6466ff96e9708a24c4c1f6677b6ad55f3
29ef0739d5603f89381de3d3cd955be635a16c212f5122ef604feefb145a19f3
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2a9e1eedba53e281f772796dd83eb2280b1a1c1c1c9ebd114d5bb7499fde7bdc
2b86d265a0bfafc113ce244f87cd497d3a164c87e97b9ff2bb8693217272e959
2d3334cb8e61a3c61e708b657e644941f8f70d86f10d9b8d9f2a8308b39b6701
2d9c3d077667e6e6e6db0d58ac74ee13502b643d66a63dcf213a9991e7b5d1b1
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32889607a9ca0ff509db1a6f3610a9e2b5e63cae6850fc208bd06c000d733db6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3374f10dfed2ff562a68ac020cd5f30365b4d23d56dcf688698bd16b9121eaf1
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3b8fd957271a7089ccbf728bf63e93fd5de3d78b076ad856a91bed46b09d5abf
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
3d6654a62f272de17f6ecfcc755101b008d42ed334f70b653d5afd51495636f8
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
42422cb1706c506eb32f3e19a4875cfa09172363192641c062a035d4f46309b7
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48996e74bebf44867bdf2ad3fc3a2fd7a9f7f7b9317e6a652f8e6191cfef90e8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
539dcbf05829f814ac43ca279d55baaf1821174a080a32fa6e08d488a3f88358
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
58307ba9ff94049bd067f1f1c986f76144e3b77c87ef8776f2b3c8f523f2bf44
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
6131dc1f5f4917d39d60cc5a0acdf6cc86983144801036d6a6dfde7e265a1b00
617175475dd7762c2557066f330446636c982b371b142462cf7b4cd7c395f79a
61b795b4b86772a190d146eabb64cfc867f858c9311ddbbecee0a76e4ce2b57b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657f06943a34735f0a25f30c9ea05c15e24c0985bbdb771e615182b03e03fa9d
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
78693fd6e7380b2962ece513f734b418641b263e302684660323b93961ce7bf2
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7e0f46b2918e477200be87cb94fe5fcefd6709ca57d8af751446b14a8d0ce298
8013407130f3d1c34679b5d4a3ca7d56ce95e0a656d501bf0920e8bd8732b6a3
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
83e7677e066db996c90646e6a3c9b367f199ca7abd4b98135b412473c6e5a715
867c548cca19b22658f84703546e5bfd0f399bdb4d0d68ac45b2ff9597e7c97b
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
8871a6898febb707d23932c32a71b4b21eabdb61a08888195f7e408001ee9f5e
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8e9a71de8640d1d2451c9db5982ca3d2ba217f13d0315baa04411287db42dae7
8f5ae660a918eba08ad016ea2851d5f712d6f0d8bbddd7c64191e39796c65efa
90f10ca4b4b71f7d97bb2bdf4f6566f5bdf2b5b339da48738b1d2fa4391a7df2
930e3672504293e5810a58b53c4470f2d4ffcd345a68e608de29e0eaa459897d
94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f
94fd0fbd71fd2b1ebc82c0404b3bd76c9099bbee0c5361a7069822f889728be4
95db46ef48897d5028f019e9089af3e8e0b8aad3fe358fc3d1e19cfce72da8ec
95f9669f86fe28fac80e3a754575893953ce4880b37490c44fb603257ccfd95b
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
ac79466527bbddc1f62ebc9439506bf48c8c6f19cfbb8e2bb71541c45e0e032d
acec4320ad0885b9cbfe0e0c48f053349f07b44ca764cacf2b5940bbdd0b90c3
b2da1d8d97bf0f9c6b91a686f349e4ce0e46f0c24ce6ffede5568a2225139b8f
b44d8b78b9da842ebc8110ce6ab2389ae44f9704c9de7f5e72cf72b9b1a35388
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
bf13e4e510802d75f0c3f6062d74bfdd1c4e2a0d6e54de7a92e1b0005c23e38b
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c016b97948d1832765d77dccc9eec9db6da68e15bd39e904ba2ad86c7d11c20c
c654b4d50ad1ad7a804399b703554bcbd7f5882c126a21f0798de1a9e99df18c
c79ac6cfee8e008a056c553c31aebea9faf21e90d1f8ca4e5fcf7367531aa868
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c8faf99fd993e58fc0a8cd69550d2a57eebf491b4a8bc7bbf9fa7fb2d7ac39b7
c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7
cf7e7f92b22ca9527fe6cfea0ca1578a6422262631baed0f863136a8d18a12d8
d03f4d2bc051e30a3e7200e115681be89ce1525e56ae6040c0f2ef93e4df328f
d2178b3bd0c2cc7cfcd4b46abe1f019da9afc22b4b2de0ddd0f104de9b4e420e
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
db2e4e6461e2031165b8e5e9c11a58bdc3eb90876cb1bf9a660a96220ff103ab
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
de6f3845be49878afb5314dd5297e48423a4e952b0ad7fc367627de0338d49d7
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e817fe0df75a2ccb8908c15918c041961d4dd252ed0ef6a33fc8aad26ca00161
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
eb2d993f50ef7d1ef5baf8468fa8c632211a101343450e640468e3295396388d
ec227134d399227fe358e0086b7e5537b5274cd941b5b5fb0e565c4eb13a56b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5458d67488ccf7174d16072d151922758b6f084626a799a242ca5cb28d02526
f5d96f591ddd879e8e7ca5958e0dd3e5aa20d2e469ec61c56066c86bec0171b4
fc1152c6791393462d034fa657eaf36ac8dcc73b4e22c6258628d55c9ed15481
fea91d88ec3a7a0e721f2a283f71aa532ab947d817a4e82f933b2e269e074739

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

261 Requests

90 %HTTPS

41 %IPv6

37 Domains

45 Subdomains

31 IPs

10 Countries

3334 kBTransfer

9062 kBSize

13 Cookies

1 Outgoing links

Redirected requests

261 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

261
Requests

90 %
HTTPS

41 %
IPv6

37
Domains

45
Subdomains

31
IPs

10
Countries

3334 kB
Transfer

9062 kB
Size

13
Cookies

261 HTTP transactions
14 data transactions