URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Submission: On December 22 via api from US — Scanned from DE

Summary

This website contacted 31 IPs in 10 countries across 37 domains to perform 261 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 169.150.222.217 60068 (CDN77 ^_^)
12 2a00:1450:400... 15169 (GOOGLE)
1 104.20.95.138 13335 (CLOUDFLAR...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
51 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
36 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
48 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 35.71.131.137 16509 (AMAZON-02)
3 18.197.41.124 16509 (AMAZON-02)
5 5 37.157.4.28 198622 (ADFORM)
5 26 172.217.23.98 15169 (GOOGLE)
1 35.227.252.103 396982 (GOOGLE-CL...)
1 217.182.178.228 ()
5 2600:1901:0:7... 396982 (GOOGLE-CL...)
3 3 52.58.114.78 16509 (AMAZON-02)
2 178.250.1.9 44788 (ASN-CRITE...)
4 7 51.89.9.252 16276 (OVH)
2 54.229.5.240 16509 (AMAZON-02)
3 3 37.252.171.85 29990 (ASN-APPNEX)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 69.173.144.165 26667 (RUBICONPR...)
2 4 2.19.104.4 16625 (AKAMAI-AS)
3 2606:4700:20:... ()
2 2 213.155.156.165 ()
1 2600:9000:25e... ()
3 3 46.228.174.117 ()
2 2 104.18.36.155 ()
10 2606:4700:20:... ()
2 91.121.248.44 ()
1 3 104.102.45.165 ()
1 2606:4700::68... ()
3 3.9.151.155 ()
261 31
Apex Domain
Subdomains
Transfer
78 googlesyndication.com
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
1 MB
58 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 25796
ad4m.at — Cisco Umbrella Rank: 11359
assets.ad4m.at
484 KB
52 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
159 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
251 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
643 KB
10 xgcartoon.com
www.xgcartoon.com
static-a.xgcartoon.com
503 KB
8 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563
static-de.ad4mat.net
2 KB
7 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
2 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
3 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1299
898 B
3 webgains.com
track.webgains.com
2 KB
3 awin1.com
www.awin1.com
2 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 478
3 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
3 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
436 B
2 medialead.de
pv.medialead.de
653 B
2 casalemedia.com
ssum-sec.casalemedia.com
1 KB
2 1rx.io
sync.1rx.io
2 KB
2 de17a.com
d5p.de17a.com
647 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 1765
397 B
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
725 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
297 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2627
207 B
1 conrad.de
www.conrad.de
495 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
573 B
1 smaato.net
s.ad.smaato.net
236 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5555
550 B
1 smartadserver.com
ssbsync.smartadserver.com
45 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
236 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
256 B
1 statcounter.com
c.statcounter.com — Cisco Umbrella Rank: 10182
468 B
0 webgains.team Failed
cdn.track.production.webgains.team Failed
0 webgains.io Failed
analytics.webgains.io Failed
0 congstar.de Failed
banner.congstar.de Failed
261 37
Domain Requested by
36 pagead2.googlesyndication.com 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
36 tpc.googlesyndication.com 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
26 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
20 ad4m.at as.ad4m.at
ad4m.at
20 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
18 assets.ad4m.at as.ad4m.at
15 securepubads.g.doubleclick.net cdn.ampproject.org
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
www.googletagservices.com
12 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 www.googletagservices.com 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 onetag-sys.com 4 redirects googleads.g.doubleclick.net
6 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
6 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com cdn.ampproject.org
5 prod-rtb.ad4mat.net googleads.g.doubleclick.net
5 c1.adform.net 5 redirects
5 static-a.xgcartoon.com www.xgcartoon.com
5 www.xgcartoon.com www.xgcartoon.com
cdn.ampproject.org
4 sync.teads.tv 2 redirects googleads.g.doubleclick.net
3 track.webgains.com as.ad4m.at
3 www.awin1.com 1 redirects as.ad4m.at
3 static-de.ad4mat.net as.ad4m.at
3 secure.adnxs.com 3 redirects
3 pm.w55c.net 3 redirects
3 x.bidswitch.net googleads.g.doubleclick.net
2 pv.medialead.de as.ad4m.at
2 ssum-sec.casalemedia.com 2 redirects
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 um.simpli.fi 2 redirects
2 match.360yield.com googleads.g.doubleclick.net
2 dis.criteo.com googleads.g.doubleclick.net
2 match.adsrvr.org googleads.g.doubleclick.net
2 dclk-match.dotomi.com googleads.g.doubleclick.net
1 www.conrad.de as.ad4m.at
1 sync.targeting.unrulymedia.com 1 redirects
1 s.ad.smaato.net googleads.g.doubleclick.net
1 ads.travelaudience.com 1 redirects
1 ssbsync.smartadserver.com googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 region1.google-analytics.com cdn.ampproject.org
1 c.statcounter.com www.xgcartoon.com
0 cdn.track.production.webgains.team Failed as.ad4m.at
0 analytics.webgains.io Failed track.webgains.com
0 banner.congstar.de Failed as.ad4m.at
261 45

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G4
2023-09-24 -
2024-10-25
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-05 -
2025-01-03
a year crt.sh
xgcartoon.com
GTS CA 1P5
2023-11-16 -
2024-02-14
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-07 -
2024-05-06
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-08-15 -
2024-09-15
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4
2023-11-21 -
2024-02-19
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01
2023-05-29 -
2024-06-26
a year crt.sh
ad4mat.net
GTS CA 1P5
2023-11-18 -
2024-02-16
3 months crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03
2023-09-04 -
2024-10-02
a year crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
pv.medialead.de
R3
2023-12-04 -
2024-03-03
3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-10 -
2024-03-09
a year crt.sh
*.webgains.com
Amazon RSA 2048 M01
2023-05-15 -
2024-06-13
a year crt.sh

This page contains 44 frames:

Primary Page: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Frame ID: E4B06E41042EACCAF1119C466ECD15B4
Requests: 38 HTTP requests in this frame

Frame: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: C1D696CA5DE356154BD07AFF2D9C1286
Requests: 11 HTTP requests in this frame

Frame: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: A043D66DAE5F9342F0376E93565061C2
Requests: 10 HTTP requests in this frame

Frame: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 313888EBE3E6CE87C2A684DE2AE516EE
Requests: 11 HTTP requests in this frame

Frame: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: F791BA66E2AE3EA2CA0B0F7A5C7F5991
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 0FA02900134A0CC8FCD5007E22855B77
Requests: 1 HTTP requests in this frame

Frame: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: E8EF8CFB7017363ED33CE442C197DA7C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Frame ID: 36F10B03482580AF239DDAE96DB6970A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Frame ID: 55180CBFB794FA88AEB32BAE7576C811
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Frame ID: 079FD3E0A2E8C678CB73B078D7C00820
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Frame ID: 13BF7753894A929D929E396A9B566548
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Frame ID: 7DBE5D9A369010116B0D5C07B01FB8B0
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 4527D64471C992EFA96E4414FD474B75
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 66E36A1D8AEDEEDDC885F0FF446E6D56
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js
Frame ID: 25B9C17F256ADB145F5C2493BD606D39
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: C7184F04AA7F0C047B918877486726BA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C52ED6A21C1CA36E9E58F913F1F48236
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: C500AA85BC89FF2A3AF5A0295C846EB2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 92EDA351C4FA58411E503DEBB4879186
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js
Frame ID: 42875EEE2BDF7AA9DC68CB2856F23C4D
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 50F682E20E81B76E31BA252A2DEA9608
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: A75CA10C5E5F13FEC7A5C4F979ABF713
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 330A82FCC56DBB3D8780FF5A15D51F79
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: BF7D7A87A331876EBB713D4F4A63FECF
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: C4283CE73B069478F106474B33AE44CC
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4AE4920B0EC6C76C5141D0501885205B
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: A4C6204FA4B6AB96286A926C4A11C11C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 655569762EAF32F1263AE5DE60E5C640
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 8561C605EADD27AA25F7686099D94E8E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B5694B80AC9B99EDAF005F7F9BAEDB10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5DD32EC51F4614D8B15B445962ABB3E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6085B02FF7D9BD866C8CA4FD99A15AA2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8C25C11732666DC9B46B230B532EF0EA
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: AA4CCC12CD80AA3778F13CCFB83D5869
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 93BA80156082BF10F55DAF6F224DFCB9
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 57938D9F428E7DDE70EF690584A26CAC
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 6EB7E7A55A2CFE5B9F04D14926AEAAA9
Requests: 13 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: B5557B24FEDBCC1554B865C54C9BFC78
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 257C0B4E275F9AAE828FAAE726090B56
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7C6B8E7B73951D4E9E4FAAF8B5C3927E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F787696072FBB5359B6D7813E92E7D9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9686F345B335239868CC2FAB07FEA04
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 47A9D680DC3D98510472863EE93CD68F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CCB0520730017F5B9365D5E030DF8B12
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

🍸光之美少女 第12季(Go!PRINCESS光之美少女!)【日語】 免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

261
Requests

90 %
HTTPS

41 %
IPv6

37
Domains

45
Subdomains

31
IPs

10
Countries

3334 kB
Transfer

9062 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJdUmYejUZBLoXTZM3kYuRo4w HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJdUmYejUZBLoXTZM3kYuRo4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJdUmYejUZBLoXTZM3kYuRo4w
Request Chain 109
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsMXDLRDLnc-tzSfLTaTqW8rnjwBKilhmUQLaDFVQJb0ryv5HTHMfrtxBA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsMXDLRDLnc-tzSfLTaTqW8rnjwBKilhmUQLaDFVQJb0ryv5HTHMfrtxBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsMXDLRDLnc-tzSfLTaTqW8rnjwBKilhmUQLaDFVQJb0ryv5HTHMfrtxBA
Request Chain 111
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWgmVNrYZU0101rWAFVokUL HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWgmVNrYZU0101rWAFVokUL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MjA5OTc4NTIyMzAzMTkyMQ&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWgmVNrYZU0101rWAFVokUL
Request Chain 112
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzHsVwq4tVmIsIEh7MRgQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzHsVwq4tVmIsIEh7MRgQ
Request Chain 114
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmQVIWzthtTkxA8c8HBcNjr-hZn41gAUeVkDWPNs7uaV2XGDK4B1oLvCyKdIWJDmGnFbhAxk05AJoEMNzinrMssyl6_m-4i3XuY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQVIWzthtTkxA8c8HBcNjr-hZn41gAUeVkDWPNs7uaV2XGDK4B1oLvCyKdIWJDmGnFbhAxk05AJoEMNzinrMssyl6_m-4i3XuY HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 115
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTypQ_V59lwwIreKHX_71FepCwHQHYVm5WWbFiOLfBpEh6XC0bw67JdodB6qcsPDlHmNSoSSM HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHy36zJnR_DAkjxjrYqmApg%26google_cver%3D1%26google_push%3DAXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTypQ_V59lwwIreKHX_71FepCwHQHYVm5WWbFiOLfBpEh6XC0bw67JdodB6qcsPDlHmNSoSSM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTypQ_V59lwwIreKHX_71FepCwHQHYVm5WWbFiOLfBpEh6XC0bw67JdodB6qcsPDlHmNSoSSM
Request Chain 127
  • https://um.simpli.fi/gp_match?google_gid=CAESEKmSpIvl-YexYsFoLlkhQE0&google_cver=1&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z34S5HKXRmacZc5g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z34S5HKXRmacZc5g
Request Chain 129
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEF3whesNpTaY2nAdBWPVuq0&google_cver=1&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3n43O3sMjQZzJYA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eUdPJzhESZUasSGxOfHOtQ&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3n43O3sMjQZzJYA
Request Chain 130
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHGPse3mVBIJjZz8IhpC3To&google_cver=1&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW3O9rWDGPE-yfzekBlcSCtS4uzhA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCNkstTi1KSTZD&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW3O9rWDGPE-yfzekBlcSCtS4uzhA
Request Chain 132
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmTj9pg-JJZ8kXaVdpdCf5KgZ9cUH5CkUbkyluDhYHgeyTH7ZjnhmD1yTl69fUQ5X6hP5oVVgeT3_bMNU-P9JtG8dp-iJO67BA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTj9pg-JJZ8kXaVdpdCf5KgZ9cUH5CkUbkyluDhYHgeyTH7ZjnhmD1yTl69fUQ5X6hP5oVVgeT3_bMNU-P9JtG8dp-iJO67BA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 133
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECemMGPmCgcqx9igCXHewZM&google_cver=1&google_push=AXcoOmTG1z9fmphCuxvEr7JBETxo6h9NOclQpwae6jEcQyyUuKNY9_z32pJH7ivjGNq0JAgINybP3xQdFVsvR_bYWg1iL7az6ALQHIY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTG1z9fmphCuxvEr7JBETxo6h9NOclQpwae6jEcQyyUuKNY9_z32pJH7ivjGNq0JAgINybP3xQdFVsvR_bYWg1iL7az6ALQHIY HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 161
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmQBhgBTYefk3KopEw5FkhHmsYzBPftBBAVVw-wCZLmrPoEJgnHQBtXYFS5hRTNULK-pdAZaV_-QFzzUft0cKIKAX4VtlxCH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmQBhgBTYefk3KopEw5FkhHmsYzBPftBBAVVw-wCZLmrPoEJgnHQBtXYFS5hRTNULK-pdAZaV_-QFzzUft0cKIKAX4VtlxCH
Request Chain 162
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEL1LUNv8Asv3W_BguzJpGjg&google_cver=1&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEL1LUNv8Asv3W_BguzJpGjg&google_cver=1&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx
Request Chain 163
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blKXQSRBje3IClYsGqip7yVCn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blKXQSRBje3IClYsGqip7yVCn
Request Chain 165
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECmWUtjcDRrWtRnouhs5HeQ&google_cver=1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1703242893219 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1e27c462-4877-430c-a868-93eb3e6f316e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI%26google_hm%3DAx4nxGJId0MMqGiT6z5vMW4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&google_hm=Ax4nxGJId0MMqGiT6z5vMW4
Request Chain 166
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECemMGPmCgcqx9igCXHewZM&google_cver=1&google_push=AXcoOmTOoJkt-JlUa27kBpikmwLt7awp87fsgh28HTE48eKTHJjib9sK6H0im81v_jNRyNQrZ3fc-tMUV24bf67TisnDMN3S-l0Xbg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTOoJkt-JlUa27kBpikmwLt7awp87fsgh28HTE48eKTHJjib9sK6H0im81v_jNRyNQrZ3fc-tMUV24bf67TisnDMN3S-l0Xbg HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 170
  • https://um.simpli.fi/gp_match?google_gid=CAESEKmSpIvl-YexYsFoLlkhQE0&google_cver=1&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJCyfqaKMTcSVig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJCyfqaKMTcSVig
Request Chain 172
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHGPse3mVBIJjZz8IhpC3To&google_cver=1&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0bIY2MZkLcsMYEDKXXU5Z8G6Lo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCOE8tMTMtSzA3Sw==&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0bIY2MZkLcsMYEDKXXU5Z8G6Lo
Request Chain 173
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_cver=1&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI-egYKK6pW86dv5_JjD7DsbRLhpw7MH3k5bjnlAWs-Rkt3UB3J42Qm2IeU0-6Y2B HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI-egYKK6pW86dv5_JjD7DsbRLhpw7MH3k5bjnlAWs-Rkt3UB3J42Qm2IeU0-6Y2B&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_hm=ZYVsjfZiGd6ghCryqwmsHwAAFKoAAAAB&google_nid=index&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI-egYKK6pW86dv5_JjD7DsbRLhpw7MH3k5bjnlAWs-Rkt3UB3J42Qm2IeU0-6Y2B
Request Chain 174
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmSi1kVz64WPryjs4GSKl6XvzzY5ra6xkoMAOEhwcNrfXIh7ERk4fjWXE6arZT74PZ3CdZkKcLmesiq5n91dEnwGNLwxkOoyrg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSi1kVz64WPryjs4GSKl6XvzzY5ra6xkoMAOEhwcNrfXIh7ERk4fjWXE6arZT74PZ3CdZkKcLmesiq5n91dEnwGNLwxkOoyrg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 175
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6ek979Hy4QP_C6qfOgndxCYVQAsARbjlIQfY9WjxDudttW_LW2GH-DiZMSfDeEtg2lfOxysNUCMbVv7e1qfXzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6ek979Hy4QP_C6qfOgndxCYVQAsARbjlIQfY9WjxDudttW_LW2GH-DiZMSfDeEtg2lfOxysNUCMbVv7e1qfXzw
Request Chain 242
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJDqi53yooMDFc-T_QcddFUF7w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703242893_77f2d161-a0b9-11ee-a9f2-22382f104756
Request Chain 256
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1703242893_77e20880-a0b9-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=

261 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
www.xgcartoon.com/detail/
97 KB
20 KB
Document
General
Full URL
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6131dc1f5f4917d39d60cc5a0acdf6cc86983144801036d6a6dfde7e265a1b00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 22 Dec 2023 11:01:27 GMT
etag
"185c0-2Hx2wRUQtLI9BfquBbcMEeI0Sgs"
expires
Fri, 22 Dec 2023 11:02:27 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/
278 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73141
x-xss-protection
0
server
sffe
etag
"20620290c9309704"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:01:27 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/
82 KB
24 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23125
x-xss-protection
0
server
sffe
etag
"03885caa855825de"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:01:27 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/
29 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9459
x-xss-protection
0
server
sffe
etag
"8a483731af74fd28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:01:27 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/
50 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14979
x-xss-protection
0
server
sffe
etag
"5c37322451a9f07d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:01:27 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/
45 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15383
x-xss-protection
0
server
sffe
etag
"10ecb1b2e6eeaabe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:01:27 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4740
x-xss-protection
0
server
sffe
etag
"e23d2a0d990fab56"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:01:27 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/
40 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10344
x-xss-protection
0
server
sffe
etag
"710c75735c511774"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:01:27 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/
110 KB
32 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32187
x-xss-protection
0
server
sffe
etag
"f62e83b3b94bc414"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:01:27 GMT
/
c.statcounter.com/12916097/0/c55d9f9f/1/
49 B
468 B
Image
General
Full URL
https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray
8397ddf09bc67188-FRA
content-length
49
expires
Mon, 26 Jul 1997 05:00:00 GMT
logo.png
www.xgcartoon.com/img/
13 KB
13 KB
Image
General
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:27 GMT
last-modified
Sun, 28 Aug 2022 14:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"3473-182e4ca3706"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
13427
expires
Fri, 22 Dec 2023 11:04:27 GMT
guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan.jpg
static-a.xgcartoon.com/cover/
169 KB
170 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6f3845be49878afb5314dd5297e48423a4e952b0ad7fc367627de0338d49d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 01:35:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29224
etag
"86FC2EE28560ED1682496CF88EE9E17C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yz4dzq726K6DFek4PDKuYNpK9BW9C6QR6ecPZljRWy50JYo%2B%2FipPiEyPQftyKrMAp%2BP6Pb3DoA4W7gbgNstvPVXy%2FlqgqNy4JETm%2B%2B%2BTug3%2FKksU%2BldR4ReYegopgeTvhvr4Avynfg5ETQYYFyQR%2FkRrEo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8397ddf2df369b49-FRA
content-length
173219
expires
Sun, 24 Dec 2023 12:02:29 GMT
play.png
www.xgcartoon.com/img/
470 B
667 B
Image
General
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
last-modified
Wed, 17 Aug 2022 11:09:20 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1d6-182ab7e5700"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
470
expires
Fri, 22 Dec 2023 11:04:28 GMT
star.png
www.xgcartoon.com/img/
424 B
621 B
Image
General
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
last-modified
Wed, 17 Aug 2022 11:09:12 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1a8-182ab7e37c0"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
424
expires
Fri, 22 Dec 2023 11:04:28 GMT
guangzhimeishaonvjuchangbanhejiriyu-dongtangquan.jpg
static-a.xgcartoon.com/cover/
91 KB
92 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/guangzhimeishaonvjuchangbanhejiriyu-dongtangquan.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8013407130f3d1c34679b5d4a3ca7d56ce95e0a656d501bf0920e8bd8732b6a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Sep 2023 00:30:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
43086
etag
"940062558EBFE44CF53ED01AE9AC1FEA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jC%2B6E2BA8rsI3khNd6My4IY3DlSh80OWQvtFAPrVn6OSMVk7cizQTgIGojGoXiQtmR4BVlW%2FJ%2BPlNb9D1C%2FhP79kFZbgO0nHQR0NtB8B%2BENxp%2BpGQ%2FPmbKu7nuCjaKMsyOchvXUAAYcnGC%2BKk3jKdSpc0U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8397ddf2df3b9b49-FRA
content-length
93564
expires
Sat, 23 Dec 2023 05:39:09 GMT
youxiwang_di5ji_arc-vyouxiwanghuguang-wuriyu-gaoqiaohexi.jpg
static-a.xgcartoon.com/cover/
25 KB
26 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/youxiwang_di5ji_arc-vyouxiwanghuguang-wuriyu-gaoqiaohexi.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8fd957271a7089ccbf728bf63e93fd5de3d78b076ad856a91bed46b09d5abf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29226
content-length
25636
cf-bgj
h2pri
last-modified
Tue, 03 Jan 2023 09:34:10 GMT
server
cloudflare
etag
"9D5579EF044E32A5D2AD4C4FAE6EEBDD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMDXz4Oq1E67A5o0CShHildgSTxNtN5f%2BZFpok48bb6sGICjxnJj5RavRgrddxM5X4pXXl61hwNcQ3DIVo8ZRIukHU7YmlrV2BA941l%2FpWe%2BKJX5%2FDFZqCE7PObkzXcj5YtOqnE%2BskOrDrSXiNOVlQHQMDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8397ddf2df379b49-FRA
expires
Sat, 23 Dec 2023 14:05:50 GMT
guangzhimeishaonv_shishangtianxinkirakiraguangzhimeishaonv_a_la_modekirakirapretty_cure_a_la_moderiyu-tianzhongren.jpg
static-a.xgcartoon.com/cover/
95 KB
96 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/guangzhimeishaonv_shishangtianxinkirakiraguangzhimeishaonv_a_la_modekirakirapretty_cure_a_la_moderiyu-tianzhongren.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f9669f86fe28fac80e3a754575893953ce4880b37490c44fb603257ccfd95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 00:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29225
etag
"44B8FC9869B28AC50168C1C25FE7400B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKkNYjWLv%2BHAwwW6btQz45Tj9OAYE1UDO%2BrKDMPqJq9mYJcr5pEuOMAxLIP3BFYEdB5h1wrjAaHjbD5kaFsBjB72gejqBUDC8SaHgI76KeD%2BeArqQeFvxrmoSmL21vinEJTCvV7AHOwZcJYyN5YPM7SHB6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8397ddf2df399b49-FRA
content-length
97771
expires
Sat, 23 Dec 2023 07:30:27 GMT
xitongbiwozuohuanghou_dongtaimanhua-liuyuexuegongzuoshi.jpg
static-a.xgcartoon.com/cover/
83 KB
83 KB
Image
General
Full URL
https://static-a.xgcartoon.com/cover/xitongbiwozuohuanghou_dongtaimanhua-liuyuexuegongzuoshi.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac79466527bbddc1f62ebc9439506bf48c8c6f19cfbb8e2bb71541c45e0e032d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 12:57:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29225
etag
"E81F01E9640F73669094983EFA490030"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shZ6Nal%2BikGWeCHibvNxsVN6oOPBnCqf%2BveGGkMZeyM8qp%2BTXSdKsr6eXBNufyvhiSH8byDpA2JUXUiqtHrEH7SposJe%2B%2BYy4S0i6wNcBRvPQht5oeSDiRn6hmbZ2xT9%2BIkzb3%2Fq6BY8arPWS8kElnDBCsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8397ddf2df3c9b49-FRA
content-length
84563
expires
Fri, 22 Dec 2023 08:48:36 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Dec 2023 17:16:01 GMT
age
236727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"a9f93cfafa19b094"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Dec 2024 17:16:01 GMT
truncated
/
393 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
953 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
792 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
440 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
394 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
308 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
227 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
154 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/
237 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Dec 2023 17:16:24 GMT
age
236704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63654
x-xss-protection
0
server
sffe
etag
"7d5e78ba8c7d5e5d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Dec 2024 17:16:24 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Dec 2023 06:27:05 GMT
age
362063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3942
x-xss-protection
0
server
sffe
etag
"4694a1430564add5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 17 Dec 2024 06:27:05 GMT
ads
securepubads.g.doubleclick.net/gampad/
33 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=7005904&ga_cid=amp-XbxgKKOQKxwjR7osDQVOig&ga_hid=5904&dt=1703242888208&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=542&dtd=9&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d3334cb8e61a3c61e708b657e644941f8f70d86f10d9b8d9f2a8308b39b6701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13696
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CKzozpryooMDFT8sVQgdjCkD-Q
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027455233
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Fri, 22 Dec 2023 11:01:28 GMT
ads
securepubads.g.doubleclick.net/gampad/
32 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=7005904&ga_cid=amp-XbxgKKOQKxwjR7osDQVOig&ga_hid=5904&dt=1703242888208&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=542&dtd=10&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acec4320ad0885b9cbfe0e0c48f053349f07b44ca764cacf2b5940bbdd0b90c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
120x600
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13680
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
COuFz5ryooMDFRP_EQgdT40LXg
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138351399062
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Fri, 22 Dec 2023 11:01:29 GMT
ads
securepubads.g.doubleclick.net/gampad/
33 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=7005904&ga_cid=amp-XbxgKKOQKxwjR7osDQVOig&ga_hid=5904&dt=1703242888208&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=542&dtd=10&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c016b97948d1832765d77dccc9eec9db6da68e15bd39e904ba2ad86c7d11c20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
google-mediationgroup-id
-2
x-creativesize
300x100
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13706
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CLnRzpryooMDFYwyVQgdysgFcA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138353942502
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Fri, 22 Dec 2023 11:01:28 GMT
ads
securepubads.g.doubleclick.net/gampad/
33 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=7005904&ga_cid=amp-XbxgKKOQKxwjR7osDQVOig&ga_hid=5904&dt=1703242888208&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=542&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f1ea0482ac03225cda20a2b6ac7672db9066ca26dd0ac9c2e2be6e27ed2544c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
300x50
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13709
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CIPLzpryooMDFSUwVQgdRZEItA
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138353942361
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Fri, 22 Dec 2023 11:01:28 GMT
ads
securepubads.g.doubleclick.net/gampad/
33 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=1033&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=7005904&ga_cid=amp-XbxgKKOQKxwjR7osDQVOig&ga_hid=5904&dt=1703242888208&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=542&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3374f10dfed2ff562a68ac020cd5f30365b4d23d56dcf688698bd16b9121eaf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
468x60
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13691
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CO_XzpryooMDFXgAVQgdBzYKYg
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138353942298
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Fri, 22 Dec 2023 11:01:28 GMT
googleanalytics.json
cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/
2 KB
886 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Dec 2023 16:06:47 GMT
age
68081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"e666ca0e175b1b23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 20 Dec 2024 16:06:47 GMT
ga4.json
www.xgcartoon.com/js/
4 KB
2 KB
Fetch
General
Full URL
https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
AMP-Same-Origin
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 10:49:40 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"11d8-187c255423d"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cache-control
max-age=180
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:04:28 GMT
container.html
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/
0
0
Other
General
Full URL
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=5904&cid=amp-XbxgKKOQKxwjR7osDQVOig&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&dr=&dt=%F0%9F%8D%B8%E5%85%89%E4%B9%8B%E7%BE%8E%E5%B0%91%E5%A5%B3%20%E7%AC%AC12%E5%AD%A3%EF%BC%88Go%EF%BC%81PRINCESS%E5%85%89%E4%B9%8B%E7%BE%8E%E5%B0%91%E5%A5%B3%EF%BC%81%EF%BC%89%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1703242889&sct=1&seg=1&_et=0&gcs=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C1D6
6 KB
3 KB
Document
General
Full URL
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:28 GMT
expires
Sat, 21 Dec 2024 11:01:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A043
6 KB
3 KB
Document
General
Full URL
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:28 GMT
expires
Sat, 21 Dec 2024 11:01:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C1D6
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Dec 2024 10:17:44 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C1D6
25 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10281
x-xss-protection
0
server
cafe
etag
4475361942733572661
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C1D6
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:28 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A043
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Dec 2024 10:17:44 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A043
25 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10277
x-xss-protection
0
server
cafe
etag
7950335512591570027
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A043
203 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:28 GMT
container.html
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3138
6 KB
3 KB
Document
General
Full URL
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:28 GMT
expires
Sat, 21 Dec 2024 11:01:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C1D6
0
438 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkfS9m6RtY48_CPot_qXR4AiDto_bf_zCdNmr3p0DAx-VwToYIUfg2XVmS71kKbdx6NNo8Zw8euH3HX_AFMhzMFbgk-SSn8_CQTNsuxg9q2KrZnsas02eNFk9TeNfEm1BvCiWGjFoZWzSNEZovZE8VdJPstF-uUHvuk0vDEtj7S4qe4Ba2gphaq7EcVw1_SB_ObvDUBgn_reFTNmZHRadO-kQ12miyb04GC77rAtvquKwEhCAPOvl5F3VYRlmWLwNZY3U_JjDX6kruo7m_a_bGRnOUZOiM3qETX3MKivkiBOGSvwqgTrVhfdkSEKiiI7UmABYXjlPO1b67hbJER3jwg6r2RIANfVXW6H0q5uWphvzThbZHU2nR9rKFxpOgf_3X7mD8FIZi5oMkoTQVUw&sai=AMfl-YS5ioulVk0isRUELJPnHZX3glNfSsAGFE3BR2Q2aCDmfV8Lj_K3MqwXYUhmoQwfIo8mWwFD99k8npjj2R8&sig=Cg0ArKJSzMbGhHXEZoftEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:01:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C1D6
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25032c8c8a338369d566c3325a7395222ce48fa86a4f78ddc0b75c739b175927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51247
x-xss-protection
0
server
cafe
etag
7098985119399978114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A043
0
292 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF0LtW66vQ5KGQINiCQCO7uy_Ogc0YPAgG306xhoykCQGrscMXzhLjXF1R9q8MtAYwm3GPjnejl1vJ4sy14t5TySnjuqMlY4TFydvJdbJANuecrl22Do0Rrj8k8K6806cIiOY-bi77IzmjX2qldeUrtRfsPdcT5MxNNHf9llqcrWFPpkJbs4j1_Xo6qrbNOJRkkVPGVsA009jDkEg2SeLkYYpRkMWProLSr_7b8Tp-hAFQDSmnhhZIeNeSl7Po2edUPWE6rgUM70eyJb45Et8wPpWIs8cMWR2X8cYXODC2aRU5wdodzQ9WGBksQXIFwnp7_O4i6PoEy8aMuU7Hz6k9CLMxbiWwYAXUWqtV63kWA78DxhniHBTmyXEQ4ZrpoIxavmazTKoP9_5aoERs&sai=AMfl-YT6Ttqq8rK4CpxgMqNH9BGxpN3tbFrACkUEqBCGG4DxjkNJSF_TLHtmXPS_bQhsDlqXoVCu3aKVDfWbGHk&sig=Cg0ArKJSzEDuPMFm2b3nEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:01:28 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3138
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Dec 2024 10:17:44 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3138
25 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10277
x-xss-protection
0
server
cafe
etag
7950335512591570027
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3138
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A043
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf7e7f92b22ca9527fe6cfea0ca1578a6422262631baed0f863136a8d18a12d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51250
x-xss-protection
0
server
cafe
etag
7996861451762423474
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3138
0
314 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutujnnkmTkIL7q-EM5IPzARD63GPLrh3UcGSzU1z_DWoZec55ug6iztHW9dYeWQ_LZt5tRIz892HgU4a_mFVWBWhezVJe7BQ1atCJ5IF4HVnhkBAPLMKbLg-aa44zY8oMQ_wHAm3NsYHvcKK4HX-U9aXkXkobAV_e3qjv3dMN_duig2vOzaPAKoTQ4QBmpMaXk2zcq7qC4h0doEYvMIvj-ivKhxDhN_bxKV338aowQcQ3ShIMV8JzAs2MC0TlQCmK2qbxJ3KmGJ0t8OW-vkCCDzbX5lWfpBUGPxPvBiStYyX2lSeWG10ZLYib_rHY8A6QpBKajgJ4eewNfspOCLXMf2HlkfjYiHOaTt01PJgQnzK9buNUGun9idVbOJ2mC8JT1SO3xXkHjGIQ5QzTZQA&sai=AMfl-YTxwCnwdzYkq8dCCu5CKGSlGfN67jUZ5Iz3CXSw2kJ9VkNKZfYR05WIHX7wtXbAt1jY1GKZwfH6eiWV2I4&sig=Cg0ArKJSzOuoG0hYK5wkEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:01:29 GMT
container.html
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F791
6 KB
3 KB
Document
General
Full URL
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:28 GMT
expires
Sat, 21 Dec 2024 11:01:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3138
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f5ae660a918eba08ad016ea2851d5f712d6f0d8bbddd7c64191e39796c65efa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51247
x-xss-protection
0
server
cafe
etag
11810279139941555738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:29 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F791
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2625
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 21 Dec 2024 10:17:44 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F791
25 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10277
x-xss-protection
0
server
cafe
etag
8188157995017847591
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F791
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:29 GMT
truncated
/ Frame C1D6
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8871a6898febb707d23932c32a71b4b21eabdb61a08888195f7e408001ee9f5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame C1D6
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137955
x-xss-protection
0
server
cafe
etag
8860941966186872456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:29 GMT
zrt_lookup_inhead_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 0FA0
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 04:26:39 GMT
etag
17470903016016266172
expires
Fri, 05 Jan 2024 04:26:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3138
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cbb4a1e80cdad6d5c96c1353aff383e743af61e8d5b157e3379694684b66ade

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
container.html
204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E8EF
6 KB
3 KB
Document
General
Full URL
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:28 GMT
expires
Sat, 21 Dec 2024 11:01:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F791
0
26 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUVVtq3VPDbsIpCdOcKPDo5qUZjFPgAKqqThtRa261AFKGQFyy8wwfbMoctoLIC6BTAbuxfc7gJUsCygBjDZhWqM38MySfDqReobreV1mA53uaj0hZcwDH3_X4ADsaYgY41IppnKHQ1uZhYDKtC2tVig4J5dLZt8w_x35oyUv-Bd34_Zvy-RLPcRiVwRTRMVIlXqms0f012wtlxpWr25FRL1sdQCVmS4v0sNi0bObanO-JDUGVvpmVaxSN8mqG7e5f5NW2ktyX1xDk07wM4N_P3BPHdocIMgEw_y5yliJJBtL3CsG6kY9viTuHpZMWaAaomhGxF6vFtzDdlRSvtcMPF74Yi98IrP2UaGsSziMVhMOrIVkEpEBO7UYkZAG5y0qzUmZ4KIfOUoSmdKnn&sai=AMfl-YRkbaKk44IbD0oJCfdtEemPj-x0uS6MgYcT-mNOR-Lx6wHv2yO6OSHyMCWawMu9pYUmhKCs3aN0nIuDdOI&sig=Cg0ArKJSzB2gNzMnXjktEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F791
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61b795b4b86772a190d146eabb64cfc867f858c9311ddbbecee0a76e4ce2b57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51247
x-xss-protection
0
server
cafe
etag
16413138946788925854
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:29 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame A043
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
657f06943a34735f0a25f30c9ea05c15e24c0985bbdb771e615182b03e03fa9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137959
x-xss-protection
0
server
cafe
etag
4616032106021055364
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:31 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 3138
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137955
x-xss-protection
0
server
cafe
etag
8860941966186872456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:32 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E8EF
25 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10277
x-xss-protection
0
server
cafe
etag
7950335512591570027
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:32 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E8EF
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E8EF
0
26 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOPQsg10CN1fgUn78FuoGyTAbwY9jTWeMz0cZIJLNQV4SfkSGQCvwcwPl3o8imF5Uhs1sXVKACtiYb1bTfIwHddvwmy40EQdltyo5VnipOx8XhJb2lqhVlaKZnq3Vf40bmn8jUPxyvd4fpJVhDJGwvCm6Kcz0knOuBBwIZx0lKsaVlq5taRIgddTVSm01k--ILFLopNEhMPs3EeiQOoJ095xkfRWg_43iiZ4ZcDOIRSv8QW2jtBTvMHliiqlLPCS0FCP2zu3cAdyWIj5_9qyQmUpuQVwrst2Oc5eSiE79PCCTDW7BYbIJxlNvtrU8i4HC1gt91ielIFxSmO5_mmayJXslXOjPGzWiM3RDDWy13nphDfbcfLOkqlag6Lab5aXDnVzTe7Wny55Hj9YDRig&sai=AMfl-YRy0kVFrqtvJDr849F2ZKuCd05rPuhcVy7y-2-No0EIx22QKJCPp8bdzQJc5mAYkBDAWGmX2hESSRGTUNg&sig=Cg0ArKJSzFFypUlEPcvUEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
URL: https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame E8EF
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58307ba9ff94049bd067f1f1c986f76144e3b77c87ef8776f2b3c8f523f2bf44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51247
x-xss-protection
0
server
cafe
etag
13535122144597701529
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:32 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame F791
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48996e74bebf44867bdf2ad3fc3a2fd7a9f7f7b9317e6a652f8e6191cfef90e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137965
x-xss-protection
0
server
cafe
etag
3206125949629391187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:32 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 36F1
48 KB
17 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c79ac6cfee8e008a056c553c31aebea9faf21e90d1f8ca4e5fcf7367531aa868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
17233
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E8EF
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5458d67488ccf7174d16072d151922758b6f084626a799a242ca5cb28d02526

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
ads
googleads.g.doubleclick.net/pagead/ Frame 5518
39 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf13e4e510802d75f0c3f6062d74bfdd1c4e2a0d6e54de7a92e1b0005c23e38b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16278
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame E8EF
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1db88f073601d3e30002743d54a64924a0719eef98c5462c34215148781b79b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137966
x-xss-protection
0
server
cafe
etag
5134237550300926796
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:32 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 079F
38 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95db46ef48897d5028f019e9089af3e8e0b8aad3fe358fc3d1e19cfce72da8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16122
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 13BF
48 KB
17 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d03f4d2bc051e30a3e7200e115681be89ce1525e56ae6040c0f2ef93e4df328f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
17199
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7DBE
39 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b44d8b78b9da842ebc8110ce6ab2389ae44f9704c9de7f5e72cf72b9b1a35388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16376
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:32 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
error_handler.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5518
8 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:51:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3480
x-xss-protection
0
server
cafe
etag
1596694241577312856
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:51:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5518
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
2627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 10:17:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5518
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
32833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
l
www.google.com/ads/measurement/ Frame 5518
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrY5p4Et37-udpAkL6HA3ID9doZdySaJ00y_hwWm9vFb_N6br2x56353bULVaSqrSBnD0dyTUJN4qx8u8EBuj-M1q1Fg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5518
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:32 GMT
error_handler.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 36F1
8 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:51:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3480
x-xss-protection
0
server
cafe
etag
1596694241577312856
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:51:46 GMT
dr
as.ad4m.at/ad/ Frame 4527
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c6b8f3b05a27a98bb5b8ef987e24599301129f33bfccc8f67a744faac72264f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8397de0eaea99131-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:32 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 66E3
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
error_handler.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 25B9
8 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:51:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3480
x-xss-protection
0
server
cafe
etag
1596694241577312856
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:51:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 25B9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
2627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 10:17:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 25B9
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
32833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 25B9
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:32 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 66E3
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDNWXNF6YnE-jKEp9D4tA7Y&google_cver=1&google_push=AXcoOmT8o4avp3QQrZlqO3q6SOxINFUQDpSVToNy95OwGOzoMDpcmsuTEjiUxgplQqVaHqkfibdGQNPgz182FY8UUTcMc1R7zMzk5A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 66E3
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM1ZEHeCyYX_q6gfgaZadmY&google_cver=1&google_push=AXcoOmQaOjZLjE_dm1fThT-dYcYNWBL_T-GSnw5Zh9CkwWT6UAjaYZ1F1nWBgT_rdYXir6hyc-RA5RqU-xAIN51_t5NmtBUCXe0vuA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 66E3
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECYvfkuZ2NzqlKKUplezVjY&google_cver=1&google_push=AXcoOmS2Us36H3p3yEHHhYidmyHYJCkapZvFTTt3_cNgpzasdIXYcB0cl7qyJYDJ-k-SUG3h2sxyBpzsRCSHnuf-4e8ZPT33wOVDuQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.41.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-41-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 66E3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJd...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7x...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVo...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJdUmYejUZBLoXTZM3kYuRo4w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmTo4RNJx0TVeSOh-A3Pz5hpCkLROEWa54TqM112Rj5dkUGSqgoLY1bkDaX-ie_Uc9mrD7xhVoJdUmYejUZBLoXTZM3kYuRo4w
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 66E3
43 B
236 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEFp6HZkT19Jb-EL1NnD_AgA&google_cver=1&google_push=AXcoOmRJAvSFzQq9__n6y5hM_p0EDuH5pmSoJkp0lOnjts0kWyKdMQUtq5pXF9rVOIIwG9CuQhdEwmOd0-nMaD7j3gWPNchQzeK-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
sync
ssbsync.smartadserver.com/api/ Frame 66E3
0
45 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGdB86LPRBbQI9lVAPzZWc8&google_cver=1&google_push=AXcoOmSDifOPrVMq3xTHohUbyjDVVgL_48dqU-EZ7T_ma7UEwgQQXoth5TiD20KJDgfJppTeS0clmbf8Wt0UAwun6fdNKz4_NRP5QA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.228 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-length
0
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 66E3
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJ0uOcH9pILQwopB74d6Asc&google_cver=1&google_push=AXcoOmTXGj_mcOexHMRP-Q0TFqDLme_Lkh2eC1ZWZt6nZrg9pLAd2DZNCtzpoqP0A7sZFTtFhUoIgiTPDfILAUCT-w4q1kxggU9YC_k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.41.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-41-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 66E3
0
40 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-757RlMjKE6Egl-9wPcfVFqv9JrhnzWignpT26SLj4evpm9rFR_dcl9y1KYSvK3PFFfurxw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dr
as.ad4m.at/ad/ Frame C718
2 KB
1 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930e3672504293e5810a58b53c4470f2d4ffcd345a68e608de29e0eaa459897d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8397de0eaeab9131-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:32 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C52E
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 5518
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cd-VpjGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzAFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTeWT1T5q7fnjqjcz4SYOipprCidwmLJpzI98qa1ONzAMTAnVkTfOABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=OoLSB_3unOo&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_u_Wl-5yKLK0n3MatJBt86nOVzmWYYOG2WsU0ye8UEScbFUOlGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 5518
0
39 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hz9fp66xwtnzy4ncwfp8k0h195gsfx4f5h06jhyeebf24j5n3e4w5rn5wp9r6n9xma0j0y2vqrwdjx6ggd7nexxv7156cnaptwfr8d4syndv3b6vj4d70yjwfqdaspy72knkvfngckjas4za4pqtbxeyy12356qxg8trk9xz0scecca6fxc2sp5fnzt98x8bhf54w7ddt0xfkqjz74xptpt40dbxbqewcym8w1xfr8z2x2n861ee2y60r2qmrhtccq7c428cgsacjen2800t4j5b7pg5068bmg7yqgw80z18y7z410t1qwqwwwpwc4k8hta74kws5y4cxt13nzj85783jj4gas8cg16khq1dc5ffqkthk0e4ep23qm5pqnjwd6pn0v7shwhz9g&b=ZYVsjAADHlkH_ZPEAAb_dqxVDsE6jh-VmYw05g&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=482000826&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888951&bpp=216&bdt=166&idt=3212&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320885&oid=2&pvsid=3970707060804890&tmod=349667132&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.iblt9knfzq7t&fsb=1&dtd=3219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:01:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
truncated
/ Frame 25B9
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83e7677e066db996c90646e6a3c9b367f199ca7abd4b98135b412473c6e5a715

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
error_handler.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 079F
8 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:51:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3480
x-xss-protection
0
server
cafe
etag
1596694241577312856
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:51:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 079F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
2627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 10:17:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 079F
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
32833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 079F
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:32 GMT
pixel
cm.g.doubleclick.net/ Frame C52E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsM...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsMXDLRDLnc-tzSfLTaTqW8rnjwBKilhmUQLaDFVQJb0ryv5HTHMfrtxBA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 22 Dec 2023 11:01:32 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmRVBn4SP6__r_7GGxRyi2gtO97Mbtr0_4Ury0YlgsMXDLRDLnc-tzSfLTaTqW8rnjwBKilhmUQLaDFVQJb0ryv5HTHMfrtxBA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame C52E
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQkqPtWp0GXoXH7vhwKMDPfy96hB_xfxlFkjH4DyVDGf-Q0CXQtPM9qH__reE8SDBLQXlgbTzf9FtNp_N5dW22LPlQHmY1BqA&google_gid=CAESEHMkx1PcI7xWWJkVBJtasQA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
335438
expires
Fri, 22 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C52E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWg...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAX...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MjA5OTc4NTIyMzAzMTkyMQ&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8T...
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MjA5OTc4NTIyMzAzMTkyMQ&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWgmVNrYZU0101rWAFVokUL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTE1MjA5OTc4NTIyMzAzMTkyMQ&google_push=AXcoOmSctEjxixTX3s4UnWdPSh7c7MhM5RrrlEoOJpmUIo47JUw6bkWnrE4m5p6PbftPUPNjFAXo8TWgmVNrYZU0101rWAFVokUL
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame C52E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzH...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzHsVwq4tVmIsIEh7MRgQ
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzHsVwq4tVmIsIEh7MRgQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTbIHis3f5iRo1Rtye1QO3Fy9NYoW_bF72t1J3MU5ha7mT8FuD3pwEnvKQK0bsdpanxgj-LMkyUPhzHsVwq4tVmIsIEh7MRgQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ebda
match.360yield.com/match/ Frame C52E
43 B
199 B
Image
General
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEF9EG8dk3CYte7udUyIfmDU&google_cver=1&google_push=AXcoOmSzJyB2FYk9_eRU76O53IEp0oe_HA9jRDEq_5v3eaOjf6L6QIvjxBwLlG1T16ReSUpac432QkBZxNnb9t0Z2GGaHZZTZ6o5-Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.229.5.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-5-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:01:32 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame C52E
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmQVIWzthtTkxA8c8HBcNjr-hZn41gAUeVkDWPNs7uaV2XGDK4B1oLvCyKdIWJDmGnFbhAxk05AJoEM...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQVIWzthtTkxA8c8HBcNjr-hZn41gAUeVkDWPNs7uaV2XGDK4B1oLvCyKdIWJDmGnFbhAxk05AJoEMNzinrMssyl6_m-4i3XuY
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C52E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsM...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEHy36zJnR_DAkjxjrYqmApg%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTyp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTypQ_V59lwwIreKHX_71FepCwHQHYVm5WWbFiOLfBpEh6XC0bw67JdodB6qcsPDlHmNSoSSM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
an-x-request-uuid
2043e93a-cb7e-4882-a0af-40572ed07bd3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmQ5n31CY4nsMiI7gxbEHWPRs4oTypQ_V59lwwIreKHX_71FepCwHQHYVm5WWbFiOLfBpEh6XC0bw67JdodB6qcsPDlHmNSoSSM
x-proxy-origin
80.255.7.100; 80.255.7.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C52E
0
139 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLwxBRY4sEM16xSJL46TePxmhBzRJNGOb0-2Zo339MdAmCUkLViiZ0Cy1G2nI-hGoGGYBRGHc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dr
as.ad4m.at/ad/ Frame C500
2 KB
1 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32889607a9ca0ff509db1a6f3610a9e2b5e63cae6850fc208bd06c000d733db6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8397de0f0f7f9131-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:32 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 92ED
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 079F
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b86d265a0bfafc113ce244f87cd497d3a164c87e97b9ff2bb8693217272e959

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 25B9
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5zoGjGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzAFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUprqxcJXzetiKXJ_5J1jy4UcIO9sBccBP24igHlvw2KGXt3HXoX3z-ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=cs6wh8ex6-A&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_lJn2YdbQFnCruTKr56mvkpRhBV0BsFNnNQkzpY7ZuHwft_lqGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 25B9
0
103 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kwz9zkw8pjtj22qr1z7y1d53fqp86vzjcz67f9aeqvkw15y93np4zfppkpbsxgtmrxgz3rw583m89p2rrx0sks71wvktwdvexytwd3dhh4n5hdvnwdmv7ep9m2pnntb0pzmk0qngfn1g1009qjx7d7q10rmgb4d859zjve7vtj5dty0te56rgv2akn2rs0jf58nq7amk416ftt0hqcgekznefddnae3jvsvcw1y8ga55j2j7r6c1w43e20h3n6tkf8hq743zek3ywgvj022k6g589ktpxk9rcr57txcb74spj3y56cxn1tp6ybdmbppeytwz12nhfqsnp2fsz8d7wephm5pr7xfssc0yvs1mz6tn50apb3zdrbq2ty8dvg0vt076w4yc68rkf8&b=ZYVsjAAC2h0H_Z6EAAYRtNNAvVNoIj8euXkaBg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=60&slotname=3654094576&adk=1280467831&adf=3173046732&pi=t.ma~as.3654094576&w=460&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242888920&bpp=178&bdt=150&idt=3222&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=468&ish=0&ifk=1137090130&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079979%2C44795921%2C44809004%2C95320884&oid=2&pvsid=4053400509795091&tmod=1632843462&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C468%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ktek2ykiwrgc&fsb=1&dtd=3231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:01:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 4527
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
541053
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FqVwx0di8fAvAv90KFO2VkD1gKO9ofGvnDLHPpEqd%2FSkaIqVCl4snP7pG8cw1RYSA%2FIraniGyOODzu9ULH1sT3EJiea7969fAu7%2BsGYp6L4t4DQrzixRqgp%2Fg%2BMmL0I%2FDCfhWTvpYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8397de0f3fe79131-FRA
expires
Sat, 23 Dec 2023 11:01:32 GMT
r62eglto.js
ad4m.at/ Frame 4527
24 KB
9 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
179202
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYs0QkxGg3QXP7snE3BKJAPtXwAy3%2F%2BdyHQghL0zbKS1wWVl2hOcaEGamTtyFheBeI4v11v2%2BRfI%2FltWlUF0lcWjOXw%2B10FiZI2642mQaorBC%2Fyu1ZujCbOFadbWC9mpIV2MwVI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8397de0f580f9131-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Dec 2023 09:16:49 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C718
115 KB
13 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
541053
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4lL1KACvAg2sJt9xTc22kYwWwQIYAgvJHiiJMaYYFcQrL6tNxr2LZWb99DYk4NYm%2F8G5FnWYrB%2BdXVO5ermdXQmLsN%2BpJM7WlMbChf0pW6kpwmF96hDx75OwjKmg4hGtiX930ooN0o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8397de0f3ff09131-FRA
expires
Sat, 23 Dec 2023 11:01:32 GMT
r62eglto.js
ad4m.at/ Frame C718
24 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
179202
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDkz7jUyo7nU5Z6I562KrxF4nzTn3OVFO9%2BSmzRjg8qpvB0T4SHhmYdIkGSmA3P21jaby1gyBrvSSqkP5QsQgHsGG7X1EINRaJqPLvSeeYXo4RAu2343sxABFR6pP9AlE7OjkFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8397de0f580c9131-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Dec 2023 09:16:49 GMT
error_handler.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 13BF
8 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:51:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3480
x-xss-protection
0
server
cafe
etag
1596694241577312856
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:51:46 GMT
pixel
cm.g.doubleclick.net/ Frame 92ED
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKmSpIvl-YexYsFoLlkhQE0&google_cver=1&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z34S5HKXRmacZc5g
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z34S5HKXRmacZc5g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 11:01:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmRwEdqCWl_cMOToOQSbkruWq1mkUU3ZftmOZ9b-dsVsgwRmrq9T9cdRix-oQ1Id3Vnk8MuG2pVwAwpZz0Z34S5HKXRmacZc5g
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 21 Dec 2023 11:01:32 GMT
google
match.adsrvr.org/track/cmf/ Frame 92ED
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM1ZEHeCyYX_q6gfgaZadmY&google_cver=1&google_push=AXcoOmQZtPJhbNJfU2ixxhRsfSIQkD5Kuokgxu7jRpZBbpAuQmNZbjIg1VONdh_4jKfTkUOYmwUEARHgCNYc2yUBaKBOXC7xTOqp
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 92ED
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEF3whesNpTaY2nAdBWPVuq0&google_cver=1&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eUdPJzhESZUasSGxOfHOtQ&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3n43O3sMjQZzJYA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eUdPJzhESZUasSGxOfHOtQ&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3n43O3sMjQZzJYA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 11:01:32 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eUdPJzhESZUasSGxOfHOtQ&google_push=AXcoOmTiL3bqPBsge0_BcoGhfbdDmpqaNV7tcCzchgn_eadnjgFWGomNObr_ybiQ1GUvm-PEs4RoQVR55T-yFPD3n43O3sMjQZzJYA
x-host
tde-deliveryengine-production-59dc4ccdb-f7dcr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 92ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHGPse3mVBIJjZz8IhpC3To&google_cver=1&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCNkstTi1KSTZD&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW3O9rWDGPE-yfzekBlcSCtS4uzhA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCNkstTi1KSTZD&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW3O9rWDGPE-yfzekBlcSCtS4uzhA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCNkstTi1KSTZD&google_push=AXcoOmR_DBDEvQ-_Q2qWk57lGsWrtJeEUhu1jFqrVC9r-lriXSVBxOur-h74dzn8XiHTureDCXW3O9rWDGPE-yfzekBlcSCtS4uzhA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
ebda
match.360yield.com/match/ Frame 92ED
43 B
198 B
Image
General
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEF9EG8dk3CYte7udUyIfmDU&google_cver=1&google_push=AXcoOmQQr6E8KegsKf9mJ_NWJYl2P3yhBS3nKjHBFCqyblVgJ8CJY6jF1Blwgs_gqwZhbq9tnqwTsWcipwXKx2NlK2Oe-u_nWrg7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.229.5.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-5-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:01:32 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame 92ED
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmTj9pg-JJZ8kXaVdpdCf5KgZ9cUH5CkUbkyluDhYHgeyTH7ZjnhmD1yTl69fUQ5X6hP5oVVgeT3_bM...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTj9pg-JJZ8kXaVdpdCf5KgZ9cUH5CkUbkyluDhYHgeyTH7ZjnhmD1yTl69fUQ5X6hP5oVVgeT3_bMNU-P9JtG8dp-iJO67BA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame 92ED
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECemMGPmCgcq...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTG1z9fmphCuxvEr7JBETxo6h9NOclQpwae6jEcQyyUuKNY9_z32pJH7ivjGNq0JAgINybP3xQdFVsvR_bYWg1iL7az6ALQHIY
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H2
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 11:01:32 GMT
pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 92ED
0
40 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2UC_PVNd3PrewoXOp92e86mPZil-iCLTv1uGPaJ_UMijANSbYh9D8CkkSmiAp6u_ucexGo5I
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
error_handler.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7DBE
8 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:51:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3480
x-xss-protection
0
server
cafe
etag
1596694241577312856
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:51:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7DBE
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
2627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 10:17:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7DBE
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
32833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7DBE
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:32 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 079F
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVxwTjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzAFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QMkhwqsWM3SbYehKHzZjEba0GvVnFlDPbR3kxHOwTIQrjlM0cEVpmABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=ahXzkq_o6Vw&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_qMDfm-jOAltJXcYpBapCKqh0a8bQc6VzXAvO9qUU-pqEDQLPGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 079F
0
39 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j9jafp4kn9ah8v1n2rpnxc35zvkshszf68qa878bgbvcksk25z698ndgypfxq7strpn9vqpcw9x2rbsv5y4nw35cdn9axsaknpcsz93fn2rjy0chtmsgq5exfshj7w3bs20v1n2zrgznm845jmtrfra202810wq4y17sz3n4x9898dfyvfyjwx1masbtjm82wsgrrwhsj79m04sx5vnymmndmtnd1tmzaym3freqax1azsdvnry5ca8qra92156nnjwf4t869qd84gnspmckbnc7na9f8e6fyw15c2n0517jy27awd4m28bbdvb5kq616g8rc1d662h0hxs1kpezkw0q71wjr7s6v38y0458aq4vg9zv98akkp79pzrnffxn1hg6qqa97rkqr8&b=ZYVsjAAETzwH_aMtAAMvh-ZQ1wKQ-bcsEPyIpg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046730&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889044&bpp=2941&bdt=115&idt=3202&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=3422866323&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079759%2C42532523%2C44795921%2C95320884&oid=2&pvsid=510619576081689&tmod=930227628&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ocue0moz9rkc&fsb=1&dtd=3204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:01:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C500
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
810711
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzVV%2FmsdTdxaraCIblCcdbWI6Fjzp%2B5Vb1uuUfNaZLJIjdVYvOOHDYdjn6a5DfamnkPUA1MZ0EHsRn4WXvyPRiabyyuMuG9oB28amxGBN3Ng4z8kH2hYOqj0fE6KSIIOzRLykHprKEk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8397de0f8a56696a-FRA
expires
Sat, 23 Dec 2023 11:01:32 GMT
r62eglto.js
ad4m.at/ Frame C500
24 KB
9 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
179202
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIupzRKK4BsYJ2GK4lvjOS4vU0SjMj8TJn2%2FOxEr%2FCpBrv0XRIcqkHeYeqfrwlH0tBl69RrsCTVBF1bjJWeYJXJ00gRaIz8uIGoclfmpt75bzK75xHchwO6kk9NG9TdP12WW1wg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8397de0f88859131-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Dec 2023 09:16:49 GMT
error_handler.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4287
8 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:51:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
50986
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3480
x-xss-protection
0
server
cafe
etag
1596694241577312856
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:51:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4287
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 10:17:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
2627
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 10:17:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4287
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
32833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 01:54:19 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4287
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:01:32 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C718
350 B
910 B
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1926737
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iW0O2GocBck41XaxW1pU9ITugwXVNI62yVxzXnh5zDNMY0o7U1vgfoAwLcS0BfZ6K8YY%2Ba2Jg4UaiOJh%2FoCBuHOd5P0CZQZSu5Bp91v3rZXwTlHMFUc33fALxoQjqwKIrSXdxnfCgW%2Fv6lmjmPY%2BqMz8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de105e30694c-FRA
expires
Fri, 29 Nov 2024 03:49:15 GMT
cookie-frame.html
ad4m.at/ Frame 50F6
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2013481
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
8397de0fba7f696a-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Fri, 22 Dec 2023 11:01:32 GMT
expires
Wed, 29 Nov 2023 04:43:03 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9PEUL7xAcULcYdSU8EM0Vkqglapgd6oq2MQAw2ggsxcQlFqJSUANML5mROiPg3EnPOOh3ciNGNPZl0Fp7Rix6OFAzsXkP4W6%2FQZygWHpYReOUw6mzxx6q4fSv4pDiI6vEOkYRY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dr
as.ad4m.at/ad/ Frame A75C
2 KB
2 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0f46b2918e477200be87cb94fe5fcefd6709ca57d8af751446b14a8d0ce298
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8397de0fba84696a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:32 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 330A
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A043
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO75IlrGfP3kD2yvIY67gp7ax34yJBKk9hcNztKp_jTq-PW4oLUCoHVO4sy5jsN3cRibmOzfPnTuRS5M9Ftj3lCZ2KQ3wLWllC89uQ8o3wagY_sUujLdDWA7_QjrIjHDMgYVp1GhEUN8jh_3iOiGrjvJeWbkwgEYq-JGVotfrM7S64e8aqaIkZwNZmT5r9qxalsZ4nUiqYxy0alc16B5M-KvTAf5nN1KM7HeaRHOVrBg6_h-rMExQRNiad9oNcp5n5g3_ue1YKsyOGsw_mF3dkuQ6gth7zB0cWBiqKmR_vTEV4HFqG5XKoOwTBpYYMWBZAnwfY6lqvTV3TDwNEBFzcIj7JgF-CGWkkc04M3TwPMRRuPExLRDKn0JoGSqWQUe1yQ9Prj327J6uUdNHyT4U&sai=AMfl-YTH09xM5Eq36puLoWJ1pcTUzOy-hpOyFsbr9hr2I8a_OcTADLBPVhk84hxbGvssndskXHyZIS0JHS6Gr7A&sig=Cg0ArKJSzM1GgDYlxSQIEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:01:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A043
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc1152c6791393462d034fa657eaf36ac8dcc73b4e22c6258628d55c9ed15481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12214
x-xss-protection
0
cookie-frame.html
ad4m.at/ Frame BF7D
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2013481
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
8397de0fca96696a-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Fri, 22 Dec 2023 11:01:32 GMT
expires
Wed, 29 Nov 2023 04:43:03 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1eAYO1nfMMQ1PRk49jPdI7IWvSPTgBD9BlpX2A6BS2rOD%2B%2FmgS8PxScCE%2Fjr2vJk6sT316OFksuJ4uFu9MhjwARQBIDblxntleOc5Dl8ZxcG%2BB8xTjnG3QK26XZlSCOgfdQywE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame 7DBE
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42422cb1706c506eb32f3e19a4875cfa09172363192641c062a035d4f46309b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
dr
as.ad4m.at/ad/ Frame C428
2 KB
2 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867c548cca19b22658f84703546e5bfd0f399bdb4d0d68ac45b2ff9597e7c97b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8397de0feab5696a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:32 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4AE4
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A75C
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
810711
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn9Tq8%2FPALRZ8%2Bno2KGl%2FGA8yzLY83D5DYcugYGG1sACpRGOpdI1ThCd2aP3M%2Fx5Vz0hkv%2FeiP5DDe60mLFk03xIqsSj7jOlaZ8HJ%2FMFdtLRt5MvJtb5%2F2JH5hn3IEKaArPsXxyVZdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8397de106b33696a-FRA
expires
Sat, 23 Dec 2023 11:01:32 GMT
r62eglto.js
ad4m.at/ Frame A75C
24 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
179202
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaXIjSF4GEVu1HyG2EMhoNnmDPYMKz0%2BlGSPDKXiJ%2BScy4Q%2F%2Fw%2BkGSI6zi3%2F49UCYmu8l9jWON3%2B2iVNkLuDyxIDxCNu6G7ANGufP2AOFizfT3BxljLgQ5CFhWSYxWECYKbzQd0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8397de106b34696a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Dec 2023 09:16:49 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C428
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
810711
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddxGHYHYGKCXwAjYye94JmX8MsgJoqfmUoZ1KSqkX%2FbQ8b5OsrUqLwHiF4GXF96Jg9TlUpTocDr4VRkV7oa5KAenYZ4cbCXAlzfT13ppMAdpHnUUNleYDxMZ8af4QLHIjvKPfqP%2F8lA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8397de106b35696a-FRA
expires
Sat, 23 Dec 2023 11:01:32 GMT
r62eglto.js
ad4m.at/ Frame C428
24 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 09:14:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
179202
etag
W/"aa3e81d21ff1f0e18f4862e53a794952"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPG0v3afkOOULHgXNtl2jGfbCYkxHZHAEUf%2Fzg5r%2BOnJJsnAy3TVVPfnOiknAg34xmXHQWuZ%2BmCe81wV6PGCr1vHgnfrTeRFBguL%2FKhy7j8DiaNgXj3STT2k35q8SyYt%2BnyCRnk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8397de106b36696a-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Dec 2023 09:16:49 GMT
pixel
cm.g.doubleclick.net/ Frame 330A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cve...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmQBhgBTYefk3KopEw5FkhHmsYzBPftBBAVVw-wCZLm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmQBhgBTYefk3KopEw5FkhHmsYzBPftBBAVVw-wCZLmrPoEJgnHQBtXYFS5hRTNULK-pdAZaV_-QFzzUft0cKIKAX4VtlxCH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 22 Dec 2023 11:01:32 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dFl3dDJ4U00xUmdEaHk1&google_gid=CAESENOWA24WNW45n776_qQQ9C0&google_cver=1&google_push=AXcoOmQBhgBTYefk3KopEw5FkhHmsYzBPftBBAVVw-wCZLmrPoEJgnHQBtXYFS5hRTNULK-pdAZaV_-QFzzUft0cKIKAX4VtlxCH
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 330A
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEL1LUNv8Asv3W_BguzJpGjg&google_cver=1&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iP...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEL1LUNv8Asv3W_BguzJpGjg&google_cver=1&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTNXWZ3DQmPeeH4560SL09GeMIBKGaLSDEwHdx_FAlWiuySsd8mm2yIAKm_FGEVv1yiXc9ecAvw_VIM-hqLryCo-iPXqehx
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 330A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDzowZC0slH0Xl1g0Hdn01c&google_cver=1&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blKXQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blK...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blKXQSRBje3IClYsGqip7yVCn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY2NDIzNDUzOTk1NzEwODcyNQ&google_push=AXcoOmQ4jAz9hHXapgdM9_-9llrZlM7gzBvtvXzxJPKmIFroJ8OVdryauQCyzj6w-cjYOnRP6C6blKXQSRBje3IClYsGqip7yVCn
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
-
s.ad.smaato.net/c/n/// Frame 330A
0
236 B
Image
General
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDlLTQvT6OS2pO2z6MwAMYE&google_cver=1&google_push=AXcoOmTi2BEaLi-rq1hpxVCD5pha2WeTD0UqMHILvm2baM27wC6fqTQHw6s3n8dqcOlzMCfY1zgwW0hE2LTYGNfwLywOnQvzpXs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:3400:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cache-control
no-cache, must-revalidate
via
1.1 e07bd6386c24c4e98bde2dc8881304ee.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS1-P3
x-amz-cf-id
Dax2bfplvYFuju12mVYjGYM0GZCWxVzDMj2lT6R_eTkKuBbjcKUptA==
x-cache
Miss from cloudfront
pixel
cm.g.doubleclick.net/ Frame 330A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-1e27c462-4877-430c-a868-93eb3e6f316e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRNhMqqXYMMclnIZBtir...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&google_hm=Ax4nxGJId0MMqGiT6z5vMW4
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&google_hm=Ax4nxGJId0MMqGiT6z5vMW4
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRNhMqqXYMMclnIZBtirKgkbTblI8Cc9FXdZxz4Wcf4Gos2eVfxrt4XiXNQVPbO-XAcVYYXodKWiaeqkP7F-2LUVrdwPbI&google_hm=Ax4nxGJId0MMqGiT6z5vMW4
date
Fri, 22 Dec 2023 11:01:33 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1e27c4624877430ca86893eb3e6f316e003
content-type
text/html
report
sync.teads.tv/um/ Frame 330A
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESECemMGPmCgcq...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmTOoJkt-JlUa27kBpikmwLt7awp87fsgh28HTE48eKTHJjib9sK6H0im81v_jNRyNQrZ3fc-tMUV24bf67TisnDMN3S-l0Xbg
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H2
Server
2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-104-4.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 22 Dec 2023 11:01:33 GMT
pragma
no-cache
date
Fri, 22 Dec 2023 11:01:33 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 330A
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJ0uOcH9pILQwopB74d6Asc&google_cver=1&google_push=AXcoOmRgTRGDNSFsGzKKdJpZbSIm1iT6Q7jnaE6pXaFKQ9gUGZDryJ7Td3nd0bkotymuQk6pU92BmG-ZlHyI3SnKuwE-ka4xOQIaiw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.41.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-41-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 330A
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JcLtrBNfIU7l24EE0h0A1YoIMifzxDkD4Y-1hry7mp3FWNhWLV6fO4vn6O0Q5XXWWYL2k12Tg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame 4AE4
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDNWXNF6YnE-jKEp9D4tA7Y&google_cver=1&google_push=AXcoOmTQqNsSy0wMQBBLVhCCxuNNnpkzDJiTFrGOSzT81mjRGwvAVDSf6tHmW2DSGpNCQOkzQCMl_kbAIU_cvQbCDN5N6RTD0-B_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 4AE4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKmSpIvl-YexYsFoLlkhQE0&google_cver=1&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJCyfqaKMTcSVig
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJCyfqaKMTcSVig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 11:01:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=92094092DF0A4340841270F42541A162&google_push=AXcoOmSgRVTv0rI6pUJTIZWbi5VrWm_OH4CNJOS8r5XdtJhUcEe3YxDAzGQYSkwy_Vp_9VfyFTA5s7J52i70HiJCyfqaKMTcSVig
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 21 Dec 2023 11:01:32 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 4AE4
43 B
362 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSEyOU1LdU1hpsAStABOsffWzeY4uejfZ0r6ym8Ckvf7dAvpU-aYsFtGWvuycxoepqi5tRbcue0p5NrW3P6QniIMRaFex5i&google_gid=CAESEHMkx1PcI7xWWJkVBJtasQA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
250088
expires
Fri, 22 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4AE4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHGPse3mVBIJjZz8IhpC3To&google_cver=1&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0b...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCOE8tMTMtSzA3Sw==&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0bIY2MZkLcsMYEDKXXU5Z8G6Lo
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCOE8tMTMtSzA3Sw==&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0bIY2MZkLcsMYEDKXXU5Z8G6Lo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFHSVVCOE8tMTMtSzA3Sw==&google_push=AXcoOmT2xEj12KW8NAj4bi78artyaKuHwdpFcF7EiPK-xcbJiVRkDDrpHjlOWIKoGQvEI5vTE0bIY2MZkLcsMYEDKXXU5Z8G6Lo
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4AE4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_push=AX...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_hm=ZYVsjfZiGd6ghCryqwmsHwAAFKoAAAAB&google_nid=index&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_hm=ZYVsjfZiGd6ghCryqwmsHwAAFKoAAAAB&google_nid=index&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI-egYKK6pW86dv5_JjD7DsbRLhpw7MH3k5bjnlAWs-Rkt3UB3J42Qm2IeU0-6Y2B
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MABe3L%2Bv%2BImRMjlFv0E%2FWPXDA%2BLz4CkVh3jMrggZPR1DXJisgsyR7xSAwmLhdNlFRlcCykm1Jh%2B66MKWrh7V5EIPpAvhAa5JgtxyLYwrVQmN%2BWXQT%2B4B8UfJufNY3EVXMDPJu03U%2B8HetA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOhiMUubKFKX2a_EPnTAuDU&google_hm=ZYVsjfZiGd6ghCryqwmsHwAAFKoAAAAB&google_nid=index&google_push=AXcoOmRM38dVldt7SdXZ-TVbLOzqH3JjwnSOI-egYKK6pW86dv5_JjD7DsbRLhpw7MH3k5bjnlAWs-Rkt3UB3J42Qm2IeU0-6Y2B
cache-control
no-cache
cf-ray
8397de12fed5453a-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 4AE4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGjB83VX9zOJkylftHhzN50&google_cver=1&google_push=AXcoOmSi1kVz64WPryjs4GSKl6XvzzY5ra6xkoMAOEhwcNrfXIh7ERk4fjWXE6arZT74PZ3CdZkKcLmesiq...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSi1kVz64WPryjs4GSKl6XvzzY5ra6xkoMAOEhwcNrfXIh7ERk4fjWXE6arZT74PZ3CdZkKcLmesiq5n91dEnwGNLwxkOoyrg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4AE4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6ek979Hy4QP_C6qfOg...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6ek979Hy4QP_C6qfOgndxCYVQAsARbjlIQfY9WjxDudttW_LW2GH-DiZMSfDeEtg2lfOxysNUCMbVv7e1qfXzw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:32 GMT
an-x-request-uuid
124b91cc-3758-4ed6-84f2-7655fa00ea76
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODk1MTMwMTA1MzgzMzQ2ODQ3MQ%3D%3D&google_gid=CAESEHy36zJnR_DAkjxjrYqmApg&google_cver=1&google_push=AXcoOmTBD2ELzsoj6ek979Hy4QP_C6qfOgndxCYVQAsARbjlIQfY9WjxDudttW_LW2GH-DiZMSfDeEtg2lfOxysNUCMbVv7e1qfXzw
x-proxy-origin
80.255.7.100; 80.255.7.100; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4AE4
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbChtnDqC8ptXE9LRqKTBPYtI9QQMeyrldJwJsnVVbK1DCyzaJ7JpwoiPAXv4udq5JM7tcBy0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C500
350 B
639 B
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1926737
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVjMXlpIvj2QY32XmOQOVrkWS6mqpQiASnxVGYuMejVRL9qg3c6NDWjPzjPWT0O6VO%2Fe5cVdeB26TyNDmtyD4z0W8kamKI2A%2FeLXGIfvWW1ncEzIgLlz%2BCZEkoluG0iANwBfrCcKXxQ6cXs6i%2BOvxKUB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de10be7a694c-FRA
expires
Fri, 29 Nov 2024 03:49:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C1D6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvm--swa5_uj6Lw_QjYc07bDEYFzmjdhRDXXtSi2Jqpp4T9LCE18rPjBByUm3orTTdlfGlv6IkNPM6nC6eId6fxXb8MKtlyq7t9uVP6Cnz-ZV0MD_KNu0earKxgTOQcOHoyIJ5t9fkdmsglluEqblMQTdRwAC2T5XGtFar2dH7GYFkmcSdKKy9tl9uv4pXnSaZUq2cPuget84j4GZ_IVdPARD5GMt5RkIlbAJFkjyJTOsiGcNGeh7w-D5qnbtJwcNowMWop0pN9TOr5IQHWFELQpSA9em7VyJjMxBWl3zzPMxHJfsJBRs5qdYHzsoYuxLhAUeqr78DAMUkG2hbByTV2CECo_YqrzBfk_vR6-Bf1zYjgZ2Cm4EKciJVBB-tQpO0F_h8d_57YG6Ugeq1n46SN&sai=AMfl-YQ_19glfGPCK4l_EjmEM8VFFN3qDcYiHL2MDpB1Ku3ZOGKKWVlI2tYaJe2AyI3yIBMKCRquckTZHNMzQYA&sig=Cg0ArKJSzGua9Aih0G_iEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:01:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C1D6
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94fd0fbd71fd2b1ebc82c0404b3bd76c9099bbee0c5361a7069822f889728be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11939
x-xss-protection
0
cookie-frame.html
ad4m.at/ Frame A4C6
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2013481
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
8397de10cb95696a-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Fri, 22 Dec 2023 11:01:32 GMT
expires
Wed, 29 Nov 2023 04:43:03 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2d7R8sPslbi7itYtP7JCnQVl5vVqYIFcAi3JkroNC7eQU1LPlUf28UrrTtxG4qzCL3koBMzBmHUOgmV9Fmh9RwvOCk83RrUv7XsIwwguSf0X6epISy%2BGBRCTjTCBbMY%2F8mLRr4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8397de1288dc3644-FRA
content-length
24
content-type
text/plain
date
Fri, 22 Dec 2023 11:01:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SVxT0Y4ROBnfyIZ5s%2FCZVGWMC7KlzHJlcFo670zVDPBhquHslB4%2Ff7Lagss74XcYjeWj8Aci%2FUdq6lPCaSAUicy4nF%2FCOrLeoE8aXSP71%2FCT7BtZS3RNEdt9%2FCJKHi8ubhSqv0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-qqr2
rs
ad4m.at/ Frame C718
1 KB
1 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
19b72a92913062223f56ea8d20589267234fd8ee714fb46607968711a9d6d63d

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFQp36NAJs1dxey5BbTMXs%2FPYV9FM3pAuVJkAIT7qeik9hSumMbsEfBAJIZsvoX6QZHpSArSdC2365v8skHGUUNRoPSnsUqkMx8xVCG7zAZ8oyGCV5JdqN5NKRvLFuOWUoKxycE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
8397de12f96b3644-FRA
x-backend-server
aa-reachservice-group-europe-west1-qqr2
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 4527
1 KB
1 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b2da1d8d97bf0f9c6b91a686f349e4ce0e46f0c24ce6ffede5568a2225139b8f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1tAl2KYOYzZCdmCjqP6Fwbq6D7oaMsEgd2AvcZarGwgdcs2%2F3nTq6cmo5IFYt%2B2nuWk9t%2B9cSC1zL%2Bx8nnfTKMUcvVNlmEcuutbqTgPptjCZkTarf0xVUUzWMkj8CtLs2J5I0o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
8397de12f9663644-FRA
x-backend-server
aa-reachservice-group-europe-west1-p07n
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8397de1288e33644-FRA
content-length
24
content-type
text/plain
date
Fri, 22 Dec 2023 11:01:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxvAfadGx23%2BiNtVGb8yiWLKr2D2EGKIf9NB%2FMXVDifN90EMKME%2BKmv1%2F%2FAGIBpfhlxXD71jBMFAPSyVbZcX4GMOtGyOLQRS32xuMCOM1Xre05nhXrodhfviqQvQhCN%2FeMXxwuU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-p07n
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A043
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:01:32 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A75C
350 B
639 B
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1926737
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocoCB66YTcGVB%2BeI%2FGW2y9yCCNx5nc4U3cdOOmQRS6ALLAkGmcenOj6WTN8MQpIbQNW47ykvP2DJVSOiDPMj%2FUfyC0hlVY%2BB67rHM0Fiy1BsKBZbN%2F3YF19luLMH3FEVncnEHacnbT59sPm8tATtbR7L"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de10fec5694c-FRA
expires
Fri, 29 Nov 2024 03:49:15 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4287
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cg1kOjGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzQFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2ZBFbn173ESNLUwQEhwCL-D2718R3z3F2jra2RYD6QZuxxGHoMD2gAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMDgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=yvTyaQaQekQ&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_9BEQedlX9m4weRpgTVXz4zseFG4p1UgPPDx02RaD9SDs-3svGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Dec 2023 11:01:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 4287
0
39 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hpj4zkpx7g8tdccjqj8k6g080k94tw1qjayxkv990ybwg3937h87d7nvrnz75gtsm9jn7ksb6zcqxx7zfkav11e5qvbc72a28ys2tzznwqey92kwvp13cps70rqrtb36h0ehk643nztdf8w1by7xc8c5xxf9pg6vr9wx3s05sx87xqfhc9qeb32k0qntjsg8cdtej05a5726c2pfwepzs7qdh17h5216csfx93h1mfxycnxkq9n12qjxctfyfsyne02mc8yxq9e23ejcabcc4eh06by8j5d91hqf8b9vfm00x6mgqrvsczvhatqzmp1pw5pmcbw5ghk0jahtn7vrmvdwrgmdgpqdtpt4v3vrbkkfm8q5xcgj2e6essf2pc157rykcr2zr6tjt0&b=ZYVsjAAGt_MIu89iAADoTLp-SSmIlEQ9d71lbg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242889134&bpp=2967&bdt=88&idt=3265&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3124176779&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C31079979%2C44809531%2C95320869%2C95320884&oid=2&pvsid=1570296872092261&tmod=982348649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4ojcf858v2p6&fsb=1&dtd=3272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:01:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
cookie-frame.html
ad4m.at/ Frame 6555
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2013481
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
8397de110bc1696a-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Fri, 22 Dec 2023 11:01:32 GMT
expires
Wed, 29 Nov 2023 04:43:03 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfCjl6EENvE5kF2J67wyZR%2BnNuXQF7xF57WuClSzCF%2FRU%2FRWDfY8SStvHWdaHMYyX77IUjImPkXveIutEJ94b%2BD2YHWdirxco%2BruwA%2Bpc9DKxTLe1FMOpvH%2B62%2B%2FD54hB9uRBE4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cookie-frame.html
ad4m.at/ Frame 8561
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2013481
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
8397de110bc4696a-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Fri, 22 Dec 2023 11:01:32 GMT
expires
Wed, 29 Nov 2023 04:43:03 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUtptv0dH03EyCJ2nElYtbldarDddNtGWZwitMEn08GHh8u2UdWmhiY51d6SxS%2FGHx9K1MkbKXPaxmIkKtAzLttBFS%2FAnX%2FU6eCfbM9GNF8xsdiLQY6nI4i%2BvUC%2FEnAw6u4bBmE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C1D6
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:01:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B569
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:19:47 GMT
expires
Sat, 21 Dec 2024 10:19:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B5DD
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
29ef0739d5603f89381de3d3cd955be635a16c212f5122ef604feefb145a19f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ePmoiYu3h_0UYCnbug81tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ePmoiYu3h_0UYCnbug81tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:33 GMT
expires
Fri, 22 Dec 2023 11:01:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 3138
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIKP2UUA5dgz_i1jIDt_l8elvdj1yAv3Ie6sFLPEdDit2CcX8ZyqCXzM2kHTxxydqZqZuNiyoBnocR-WaUGRxuYEzUG7lVgS_kVMhHb1l8be9ybxbSFxZVeV82ymTRIa8_Sv5ie7n7GWZ5fI9uF5JQm53Q99B6eMjClssdmdsL4RNh8dTuffAWrkUKzpgAOV3UmU0C4wewNroTo1SsZRfQORwGFGSaGX31erKblHWNLeDif5g9nb4tAMZttJEngORjKwIfIoFGCjEnkngdod3g46wZ1dGeddHaof2bg4D_zRK7Z-V1enkO8MXdivY9yviYGQHxpguuRjW3qt_QPMN3QzPffV1kXeQY-CX3j9rsN_0VFGCXXwKek6PsarwAxc4t7g7Ek0OzjaFLpVqKodmz&sai=AMfl-YR7JjnIfEUegI7jhXOyil8ANoXkR4RbCo6J1Iq815ShaR4XjZpNQrpsHH6TKu8rpymmWUNrzIqMrRNnXpg&sig=Cg0ArKJSzM3Riq4K4nKvEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:01:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3138
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78693fd6e7380b2962ece513f734b418641b263e302684660323b93961ce7bf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12237
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F791
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdpBAYussLxI_Ko1cOjkIvPaUqC1P-_yikv6amIHD2oWZerrR5Y6o2RDmeU42N123Z9pyPkNpL7n-yxcYXXTrY5i3BUZoGvo3afSh7nmS_zHzrcf3_cdM7CaPsZxf8vrJGHKW3ThnUzGiGrRISYFl3dGeBaSPzpHc9sVk8qFJmZVESFda501CXrO9fykOUFvtWiwfH-3HpV0YVcUGaucelvnmQz828NDs4Ug6pMDcnHJT0qV22MQSj1EAUT9oN7UappBMWZ3U5EEusb0vkSY6kyEM-WYTw9eUH7K4C426j7gy-u4XKIj-gGOo7LDipYJSZbxwxwlsq_fP9DR9wkIdyVwC9RVl9P45Pz7v0Bx-zfCfONVmRqiqPhI06_9P2swJo8nrIHpjAmZEIOfKyjmw&sai=AMfl-YTyELNjPFVaD4o_uv9Tc3s6OfeGeZvqgaZ2qdHpMDQSysYh68P2O9c9H1OuRSG0cs3AkczR2-0MMwjF_z8&sig=Cg0ArKJSzGNA1m5qeWePEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:01:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F791
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec227134d399227fe358e0086b7e5537b5274cd941b5b5fb0e565c4eb13a56b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12130
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 7DBE
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cbr5kjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzQFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_Yb33_1fjSZowh-7hH81-K9VITf8atQGn1AKqA3EL27NXU8KzIn1gAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=BBqnDqHhDZE&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_XPsKTJ06_Vi1oeLMb8hn04J9hXLc7KxEvNVhbcOr92Te5lx6GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 22 Dec 2023 11:01:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 7DBE
0
11 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jnmkcsmhcskhz5zg09avxrarjks2t5n5gv1dncz50p8eqkg0ag55pmgq63ez7bmvs3swptxk5swshr3j7w8httdhmpnwwd48e0ap8qfmq4qjxd35trkqv0xtrn4gywcsxjqymp5sxrprjxq70yenmgztxt7njz9ymv1xb7nkccf5bdcxbbt7mhajfm9jnz85s8zehpyst5rz6h9cfs62mzj43be1vr2adf7weewxsyc1fy8s5js7xdc94ptkke348359yatg7q3h0ng70kby26xexbc02y8znvv052f2b95dppkhxpxm5ns9y6h2k9ygxcvgt8a39zs80ce24jcr8xw9z98pxwhqq2jf94b135qbf8wzzn26yev4da5psvfw99anzjq08qng4r&b=ZYVsjAAG8NoIu8PUAAKNszvlctmc_hJ4PED5eg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046728&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703242892081&bpp=131&bdt=92&idt=332&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=5904&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=1137205606&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C42531706%2C95320884&oid=2&pvsid=2231393102354728&tmod=1615939969&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ciatwd3whlet&fsb=1&dtd=337
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:01:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6085
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:19:47 GMT
expires
Sat, 21 Dec 2024 10:19:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8C25
829 B
769 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
26030c67cb2fdca21d7a79476616fdb6466ff96e9708a24c4c1f6677b6ad55f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-f2pL2kudCwcKBwrwZn4x-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-f2pL2kudCwcKBwrwZn4x-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:33 GMT
expires
Fri, 22 Dec 2023 11:01:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8397de12b91f3644-FRA
content-length
24
content-type
text/plain
date
Fri, 22 Dec 2023 11:01:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLsgdbk5SgHoh3TTKsHJvTixqirKRaESXKrCn3PIkDIYnRY8%2BZfRG%2BKtSQ%2BRCHR3s5AuE45dTI5u0RCyhFUEUcSiqtvga7oBQITLGOTpQLL03uQeT4UWPKw9ByPfv6iPXHUE3BY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-qqr2
rs
ad4m.at/ Frame C500
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e817fe0df75a2ccb8908c15918c041961d4dd252ed0ef6a33fc8aad26ca00161

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXhEOBCiDW5ELpZXvPbeM8%2F%2BUbuG%2F9LlnZJWmpV93fIX4MjgZw0rGUiJdp8F%2FcytP35WLk8gi1T8MRPxGIrWZWpPihj%2BQLLVwqOS7QnOKkC1FcBSy1ocfkU0xMT2MACQ3K2gB7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
8397de1329aa3644-FRA
x-backend-server
aa-reachservice-group-europe-west1-p07n
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame C428
1 KB
1 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c8faf99fd993e58fc0a8cd69550d2a57eebf491b4a8bc7bbf9fa7fb2d7ac39b7

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIk4UFWFAl5O8DYYwBFtr0YUAwJ96yMxBe%2FHIs%2F4v7XpRQvwwFwOO6WfJsCjSddbAcU6gALK4RyoyMqXCT6XqnW%2F%2FcBIfFJrCnea8pjmLYtxV7UCIp8HdMPGdKTJGyqEoKvdnbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
8397de1329bb3644-FRA
x-backend-server
aa-reachservice-group-europe-west1-qqr2
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8397de12b9213644-FRA
content-length
24
content-type
text/plain
date
Fri, 22 Dec 2023 11:01:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RK%2F3MIRftSo8EJCWbywTufBd1Ba6HhHc1BnLfS6CftFMatFhOxbWXMsL%2FQVMue7BohhWIOmADhG7xLCvS%2BPknE25m%2BDD8ZJsRUnO4TlN7ngcQ73FfvekhXgp8vfKt2lcuJW5zc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-p07n
rs
ad4m.at/ Frame A75C
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2d993f50ef7d1ef5baf8468fa8c632211a101343450e640468e3295396388d

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AV0wQ0QdAMZJ5XVZ1PIPQIoZFp%2BDS2fN0IdOf0KdrUZeGaVlDXKKRDs%2Fahvj3I1WuYmjU%2BfXNu2xjSqYFHWuF7ufeKJ72BBLAdT%2FnkjHIJrlakTItWQ44vSmRqKvut%2B60QxLrUI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
8397de1329ac3644-FRA
x-backend-server
aa-reachservice-group-europe-west1-qqr2
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8397de12b9233644-FRA
content-length
24
content-type
text/plain
date
Fri, 22 Dec 2023 11:01:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2EesA%2B51Yb3xIZdmk3VVvfs8JvVpf7y0pfUcRE88zoHWedPE2prFZg5oDBSxERsPKq7eifZJB3oSgflnIyyouVtqejTW93jUP1XmdVkLTxI%2Fq9ZU%2FN1oamzsQ7gn56UGjQDA%2Fg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-p07n
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame B569
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
78652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B5DD
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3970707060804890&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6085
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
78652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8C25
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4053400509795091&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame E8EF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnCy11sAnygD950D2oUDn4DiXJYntFFtXmr_VecG54LGvf8t_430SvBLtozFwRUTGMdXXukIVB1wBdEYNFZg3YQkEN3DPx3IEsnvUcX9LZdtyozA7zM2jjoWznXvyBxQ0hQWRxEyB5C9AAYBleWHu0P1S8WarJREKt871uSWjdc9bkNVkBxg-qmt6ogl506yxZRJFuyo9uOMZjqVt3ujScKCas4IJPNMohoO609ko3vQVrRAY-wpzETW2Jbj9UnK_GkwISkDlapmUUiohfsOIEdyhczXthjT3jxqdReonH2S5B_dnqGDF7-OLGvwcghDPU-U1sBDWRpsB4uM_tybpl2loCmgEEYE_-lnVa2l4P0NFVzPzZCnHML_0HHeDa7w7xUErSg3zb7AdbgYmELEaP&sai=AMfl-YSX1gfet6FuYR3PBWoUORqCyCr9eNl1lO3KzPnuDJc87raqSpAzSP4trUrsAOz7aTAo8aD5HVAj9ElauaU&sig=Cg0ArKJSzMkMvhEAY2VWEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:01:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E8EF
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2178b3bd0c2cc7cfcd4b46abe1f019da9afc22b4b2de0ddd0f104de9b4e420e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12313
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3138
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:01:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F791
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:01:33 GMT
rar
as.ad4m.at/ad/ Frame AA4C
3 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d6654a62f272de17f6ecfcc755101b008d42ed334f70b653d5afd51495636f8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hyrtxbjtezax0agkm65gpxaydgp7z5bm5r0dbsbvzw7jpkk71hre35yerz6tghgw275m26qzk3a2a4vf0gb9nsq46hs364dzd27bsj6965esr3w1jt04h08ab4hwmdgyyg2924rgz0yhhg5s6nz7xymvwvmptbrh7av1k69gc9fd5w1wys6cvzsk115x10smj3knp0sry42wzp24q9crr4kmc8k2ctqq1tjsspg720523zhscer2cqjtjqcytx65eenksgsryhj1w94xz0s9cy9vma0sbehar5a8exv7cb73mq9fpkfk1jvg63htwpdybrj31hhz4b1r08w7arzgwgpdjv1ptym7ntmsb4erxpp0p69ywavxz7arcds8txeakd3jb0snwnqpkcrwfhpg1xsap1c5rbzdqzgerx7j56kfj7wf60sycjkczj7b1m09m13nk5s&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8397de136e0b696a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:33 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 93BA
3 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fea91d88ec3a7a0e721f2a283f71aa532ab947d817a4e82f933b2e269e074739
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jpn3p0px50wjyek0mgx94504erwhbn8jxppejjryqf7wzq53evtp6ajbe3exkh3wg20dt0pve17prnx2ttt8yvc13h42wmj2cwc1stms6k1ybnq08wg3gyes1bhqksdxc25gw5pmxda92zms50abkjh8ng1dgm54vygpkvqh0prv9h2yn4sw8gvfm79z22dkzt1nnazjt7tw9pt57w39msbvkarmwyxg89tdzehx22am05h2ks27h9xp5wjj6h9e3mdhz9wyg5wqjvzkxq06ewyz5vebhawcn6r9ax0epf2a0kx4a7kjq1j841xn2zh9mcsy1dvc3fpmqh2ve6rtqjn1zqmb19f6ss3szmcs6j8pknkaykv96xse3tqt6df898a7dksnq686cfhehpea8nh1ywgpy1ep1xyr8y9r1ag13h34f24cfax4x7fjdbz2fkfps60&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8397de136e13696a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:33 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame B569
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?6k4_Tg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rar
as.ad4m.at/ad/ Frame 5793
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e9a71de8640d1d2451c9db5982ca3d2ba217f13d0315baa04411287db42dae7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1g75fdxqbvphc982ghfse6v3n1rfe4yj6dqy8se0nwj72v4vy32jajr89v10858n13a4qvfywdfv72p1a2qccnec3nqsm6js0vg576q17zn0tp8sq5mmnz1wh0c2z1gtwvdkvbegvz3s7qb5mjbxbrhjt3yjzdd6eknsg4w7szrf9mfh9gahbsjfzq8t4erabzt1cnym2kthhf93ax0cwp7a1yzmajtz2g8tqx8hx345vmkp7bzqckg0wf19tawmckb6d1ac6fp8ah18myfmsa618m02q31q3fqvascarrqjk8zvqk9120mg6axhjr482741bbkfwwkfaeksd3tkm8vyc9kwgjmm5veaanesdtqgwmp0er2z8tbkzxg38cbmph37zqetxr7gsdx27ntg383ptgqb7zntaxq1113nqvmkrkjdw7qkb3vbwbtk1wbr8cs2gth7v8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8397de139e3b696a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:33 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 6EB7
11 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
539dcbf05829f814ac43ca279d55baaf1821174a080a32fa6e08d488a3f88358
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kyed8k67exvqz66enq0ateb4ngactzsqtxkjj0p7y5zy0t4642bge25e75636knbksdhkngzm219hdj48h40k8k58k4agbpe9xn87j454k5avds7tpwnacg4ypnfn1cywq3eshtwjtdhhgzg45byvpfj3gp5zk1nvytzkft17m7hagcrakpxggdc8dvs7nfrrgmmr2915hk3k8kdda0z7q8v321s3vjh6vh6sdqqyn6vnrd2ph9a7yee285dcpw8p7mx06bz99wrpn5wqdp2vspdpqttw7kqyqzf3amsnrstt1623nps3npmbvgmqas0z9zqzcc2m32cyqgcg01z9va7ez7h9nktth4vcf65g3fvsexch7cwb00jxq8sg4w02d8eh8204esyfd2t41pd7agkb8bc6t6x892ztmvz5ednsf4tt7xjv7xsrzd4ywhjbtrz0mz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8397de139e3d696a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:33 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 6085
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?TKgIhA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rar
as.ad4m.at/ad/ Frame B555
6 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c654b4d50ad1ad7a804399b703554bcbd7f5882c126a21f0798de1a9e99df18c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jz04agx21t9ams746q5g4pjncjm7kvrmvgcs99w3fd1kgb7n2kd4e04m3t7gprnhsd43102ahp1r8p476wj8vas1n0v61s30s4k66pxdzf8vf32dwq9tt3v1wmfnhdq3v7reetcs5vwsyy0c3kjr1wafxyvrdfx42hkvn089znjp5411t35m1zj4v4dmdh2cng9cnbgmnde6xdn2pw5cx118fgf06crq3a1n4arsxzm95kkv0yx2cmw18t8f613y5r8f7rb95ks81q2aw2g32qn4p4tre55wbcknzs0mcvb2tn280yqrtz18cns51qmmc3waad2ny11dgcvh0be7n7d79nhedy7awk8fgzv7rya0gmxdzd0gnespc4zey2rhpbws5d43jq2fxv2yd6cw5b701ckwe76f20n981gazd5j5cky5xf9rkv71va9e6364700vj3&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8397de139e43696a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:33 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 257C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:19:47 GMT
expires
Sat, 21 Dec 2024 10:19:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7C6B
829 B
560 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
90f10ca4b4b71f7d97bb2bdf4f6566f5bdf2b5b339da48738b1d2fa4391a7df2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oxjwQ0AHQ-6NwJyd9GmQYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-oxjwQ0AHQ-6NwJyd9GmQYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:33 GMT
expires
Fri, 22 Dec 2023 11:01:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F78
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:19:47 GMT
expires
Sat, 21 Dec 2024 10:19:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B968
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2d9c3d077667e6e6e6db0d58ac74ee13502b643d66a63dcf213a9991e7b5d1b1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w8mAq_JT3uWTUKLF58fLDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-w8mAq_JT3uWTUKLF58fLDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:33 GMT
expires
Fri, 22 Dec 2023 11:01:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E8EF
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:01:33 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 93BA
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
810712
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWWLyVOj3%2FTNRDku4Y31nyP%2BHHGSe25ahVE%2Fw92KbS40qRYJlXspmZIxi4nXStJJIen%2BytS8nNCzh1METysUCd50kAMS2PUFtk0cM0I8JnxXPXzG1IBjXcrce8G14PgbZi%2BKSDVQ5I4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8397de13ee92696a-FRA
expires
Sat, 23 Dec 2023 11:01:33 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 93BA
9 KB
9 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2007970
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBwEf8n7kIT6sJMdKr9gQ2MpOxNrdH69eUPsSNFNVkXpVvm10e4hDTOZ9JdVaRxET%2BvpMCWgH4%2FlbGdM79pVl8aW0AlXUzg2YibniEdbCtvIObLjZfrz%2FVhTlcoxKSomRdzKkJ0WaDWpWyFb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de13fe909131-FRA
7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame 93BA
21 KB
21 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2098584
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
21332
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:10:58 GMT
server
cloudflare
etag
"50190e2f2596fbaf0b3827698ee24008"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7D%2FNFGqae%2BQUjP1Liu9HiB6bDcyutKiglBYoprE3%2B8Yr7J1qiDtGoR%2Fc8I3PvkF5qFxTHjlmVH6ZN68FDEd3uLqElk706P9uJgQPyQnTv1DeAuZ87XGqOfxc3GNNIw%2FleyeS%2F%2BefMI8Eae7F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de13fe8d9131-FRA
2aed39855b5f46b72660fe7fe4b2634f
pv.medialead.de/trck/epv/ Frame 93BA
0
326 B
Image
General
Full URL
https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=3ebec5b4d9a3d8de1a44d57c95ae6be1%2F8852330303997521108&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893270&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfrmkfj9ke73stsawqsjg0j29qh1tk4gjybgpvvjcqvt04eczkvtenyj0kwd0jmxzb42j9caqyf55ed104xh4je3baq7b30dmv1qmqt57yjzbh0cc18aaac0vhwrm4zzzvm91pdmxfj7ayjhc79hh2fn5wsvgak8cvszr8qbx33hz337q24zwewx77j8tv8mmagv5q510s2wdw747d6w7qp9q3xs2g8es8mya0yb6pehpsg740s8f1mzfcm8beenmc9t8zfz4k4sbn084b9eekm%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCz158jGyFZZ20C4S99u8PtKOYoAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0IQNZADTwm0SdaKP45aHfDXOps8PlSRTHBi0TnKiX8uZOupqyLMABMgddSc0wwnkI-qNoXEEGHh2PgIj2hCiRS93av71pId0pyTE6ux5dk6R0f7siuMMJUyuDtkXSWYAEAGRUn45tBcUXppWEwUve4_dKzX9h9ajg4K2kHVlFP-p2xK_fTqxEFXBsxUdUoUoJbhj8Fzg128SM77iu6vaGxXqEUpr6RUozeBUD-UBeNrjVWeGgrqpuroWKuVlCsOsLfUeB1dvyKaIn_e2NumABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYzZC4nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2id-X13hiHACaKYAL5s4ftSpou9w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
attribution-reporting-register-source
{"source_event_id":"17200573720104378","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame AA4C
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
810712
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9qHZVw62pdv1nlebb6RLX6AwiOptvHnfiXvSuSSURPumlu26qiNhisw%2BgsO6LgshYmg%2BOhFuurACpkq%2BqRDuzQQZ4KrR7%2FiWT6QYW0l6rVf1u9a5EO9T1JkGlhEm%2BGf4pvuCzwgv00%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8397de13ee96696a-FRA
expires
Sat, 23 Dec 2023 11:01:33 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame AA4C
9 KB
9 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2007970
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht4Pm1mkdbukI7G9v4MosUGMr0y6pqv5j3imflVduMX7%2FHli1WN9lhhu3bJjek6HtKUtqSIJ05OM741PJxWYOm1Tw45cwEKviB2sUdHRBUkDAOu0lefQ72Psy7PRqhXw5Ma7w%2BNYNXi8OnFk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de13fe8e9131-FRA
7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame AA4C
21 KB
21 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2098584
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
21332
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:10:58 GMT
server
cloudflare
etag
"50190e2f2596fbaf0b3827698ee24008"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDxvL2RofIno8efbz%2BLp1S4CIW3aQj5bQE6OtNTU8EWnBDZuhwv6m3YcMXt7AEoiQb3dTCKvB5vugDizJYmwnem7vPawyaciCB2C8ngKX4ojkCAfXg%2BdH6lkHKAwpqIVnbmBUcfj2KDd62zA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de13fe919131-FRA
2aed39855b5f46b72660fe7fe4b2634f
pv.medialead.de/trck/epv/ Frame AA4C
0
327 B
Image
General
Full URL
https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidG1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573&b=G1rtBfpfVz7cKHeHGtPtdwJHZSYTJJkCQV5M&f=Vb8twfmfRKbSVHbHAtXC4bmHBSzTggWuDJ7x&c=300&d=50&e=&g=19cccbff6ba55a50bb543fea0fdda0f7%2F15810034432410532909&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893147&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gxkax8vs8wwrz466bvm1cenqphnepcc09pphpvx93akwkbny9ajgbpacyx1qr2cted4766g5k56dsap8zyx2yrsy4nzdaf533mab14h3d43wjp6w854eyg551dm1egv7yep92jbb53aqveymhbkzcsp3agwdekx5dapn8cve6zcecpsmdcsqypk6dk615d2yam9jmcer08a7pbsxd2n0mcgbszevsss0prxa11025g7m19ba366beh580fwk66stagr746bfrfg4fd7z5dtjwv2%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCagb0jGyFZdm8DMSn9u8P9v6bsAWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0BxRWrgw_MqYX9BGT2-o6yEZpeftb8751Zup5jUCqeLvwxusBrZlEk5LxdcX8Qr2LSN1mxVY4EBr9LWE7kCeGvMrvSqygzW3W8JU0wKWNTPbUNv_OpF7jo6gzDfi647ZTN2Y9wFbuxBn-0iprfEJ4JWgD3gFplj9QPQEmGvzvNh7C0bK7z2QlCPEqxLrcXnmncekBeWVmxfO6c4oD9eP_TagmTSTO2bU3U1C-TgiCoRuk8owVKPWg3EsAoKuox1j-asZ0i8L16n7DTsNyD6ABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYnIy5nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1OM4sUSYYTQ2D54aP0AKfuApn0Pg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
attribution-reporting-register-source
{"source_event_id":"17200573720104378","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 5793
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
810712
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLGMaTxkhVoJhJu3jHB%2FtL689cwbadS6GnOAGjLjVwha5fucLNTMSaIl8hMe93Jf3%2BsN%2FcEZGzPSZTqvgN8MJWI%2BKUqUS4w5s%2FrfMUpXQIyrErtPj7Wt3%2BCYa1hyAMnw1ZqfdbDprX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8397de140eae696a-FRA
expires
Sat, 23 Dec 2023 11:01:33 GMT
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 5793
2 KB
2 KB
Image
General
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
136190
cf-polished
origFmt=png, origSize=2170
alt-svc
h3=":443"; ma=86400
content-length
1662
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 08:38:25 GMT
server
cloudflare
etag
"4721aa7c2d5fa652c8092463f9a485bd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0AOU%2BTPsA2WPrHHOd4oo3CWV65AJsgbTQglgPKbCuRkf86B0%2FrHCxXEpFNX%2BMLG%2FA5Wut%2Bp%2BoH9CAECb01PI2qpLeiUcs%2BOjV8f8eslUY4%2B3n0FM0fgDFqvqfXLLzde0CyR%2Bf4D5QXKTawr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de140eb79131-FRA
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 5793
23 KB
23 KB
Image
General
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3387435
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
23392
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:08:23 GMT
server
cloudflare
etag
"faa9f958d13ef03f911b71f117846705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mw5R65S5olLy6BbUQWqYdJwAZcEVQ5qa41Wulvvo2k%2FFtVyEoV0a%2FntHR%2FWwx2DkXPvep%2BZaZPaB9uTETQ%2BRfWq8uLn9jQeCDOTMI61DZRY3aya5Em2qsD8TgaMAawQm280TQFCZcuXta%2BsV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de140ebb9131-FRA
cshow.php
www.awin1.com/ Frame 5793
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Dec 2023 11:01:33 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame 5793
9 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
137288
cf-polished
qual=85, origFmt=jpeg, origSize=13332
alt-svc
h3=":443"; ma=86400
content-length
9604
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Nov 2023 17:02:02 GMT
server
cloudflare
etag
"23e86ef8ba51d351917574e3e8d33ca5"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ghGR0YLrZmPiO2P4DS4%2FCTErcVdtkZQNHsry1tP%2Baf4Dk0vB7KwuqsINWDCwpWLVLHBxWNNRy7YtLvKgRhf1Rv43T7V1bW7X%2B1jYdBBXfjfXd17fGiAHIMg7mSA35wpMOSlDCHXqt2k7odk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de140ebc9131-FRA
FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 5793
26 KB
27 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db2e4e6461e2031165b8e5e9c11a58bdc3eb90876cb1bf9a660a96220ff103ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
130902
cf-polished
qual=85, origFmt=jpeg, origSize=27208
alt-svc
h3=":443"; ma=86400
content-length
27004
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 15:25:13 GMT
server
cloudflare
etag
"b0768a8c228032955d69e4578a6f208e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9CY0%2FZp7qWJuWpux7e8kQKZ6Y9FUDznWN%2B91F%2F0o0UMGiS9ilAOALgdCCQpzW3Ly%2FoxTnKuDqLfV%2BjFRCY1pH8zbUyz6fieA%2FczOldkNhLEKKrl9ZLGFzAHDkwR%2BzsTp%2BLuEO2IiR4Cd%2BUZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de140ebe9131-FRA
/
banner.congstar.de/cookie/ Frame 5793
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJDqi53yooMDFc-T_QcddFUF7w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5Moneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703242893_77f2d161-a0b9-11ee-a9f2-22382f104756
0
0

4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
assets.ad4m.at/logo/ Frame 5793
10 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/logo/4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
617175475dd7762c2557066f330446636c982b371b142462cf7b4cd7c395f79a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129869
cf-polished
qual=85, origFmt=jpeg, origSize=11698
alt-svc
h3=":443"; ma=86400
content-length
10082
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Nov 2023 16:39:26 GMT
server
cloudflare
etag
"bf7d8cf3c1179b8166a2b621809cce6b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXMfmH9739msr9DVWX0et45KYsS9LEQryw0xkikcNNir61TwNu9m06x4S3CNlxnTHfYvFwAQKFlo9ZKgpBfPLGnIT6AYdK8Smw4lGsLOWPTlzUkuiiOADrM43IFmHjjk0Dd6P9xat8c2qOl%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de140ebf9131-FRA
D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
assets.ad4m.at/product_image/ Frame 5793
14 KB
14 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a9e1eedba53e281f772796dd83eb2280b1a1c1c1c9ebd114d5bb7499fde7bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3468409
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
14254
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 09:11:52 GMT
server
cloudflare
etag
"5354ec8a9e72c8f64868101f5dd44ece"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUaM8MljA2WVxYhWfRrR1IQEEBapyvisgLJJjXx3yOD7lKfqSzFOumRxdz%2FXiQyJ47pVT3HkfO14i1OLV4QpMLmOZ5u6dGuBZnbeMEjIqYrcwGaQ5AGG8E673AXvqOIgLG6ZcDdBlmV9LDp4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de140ec19131-FRA
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B555
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
810712
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ko1gBI7rbaY8dZ91AgzWHEti8gF7mjLO4xeTyJfFrm%2Fsqa4MxFwNyuye1odP%2FLElUwDc3NA6g32XRiOnTHYVhuZKVnPkkyFLixiiuoYSg4cmtZALFgjHRYBkrRtWzWBT96cM7%2F49cLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8397de141ebb696a-FRA
expires
Sat, 23 Dec 2023 11:01:33 GMT
71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame B555
10 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132558
cf-polished
origFmt=png, origSize=10653
alt-svc
h3=":443"; ma=86400
content-length
9924
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 11:11:38 GMT
server
cloudflare
etag
"ca1cf24fc82b7541b262f0d4b15a8100"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhaLIR0Dc3Q2iAwsOTciU8kEagVCC4uMlnQF%2FcnKSAzTTBxpyCKe76Hga%2F78%2Fzjn7YF3LO4bTouCrUWGO5kh%2BcET%2B3vyoImm7GcVIH0q%2BZTkdYVKbhk5cYLbYQnitK9EWxEnZzE4QFPfjNXu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de142ee99131-FRA
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame B555
28 KB
28 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3228099
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
28452
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:10:32 GMT
server
cloudflare
etag
"ad60aab65075d58e4390c75c7ea7b04e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quGL6IZ471ayISIs5tuoS2V3n9qP%2B%2BVU0BEuv0PQnzQXaqAkSH8sGKcFH4WXrq6mzzYkjE%2BIBI0b0PbR1%2B99g7uJ7HkxRGustlVfyux0c4fwZQ4eW7gYFDARqG6fLvatLB%2B4UjlPk5gbEgb2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de142eec9131-FRA
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 6EB7
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
810712
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9z5heQN98b7GYEQ1ZUngzoyZKYX1nKrUTNA5gZgqOfGqwp%2FCd02LwTA8y1lVj6B%2FqYZHlze20YiMan3DUKcO%2BDmbvkAmT%2Fpleqn6xsmT92w14DEOGusKT3jQ8D5IPzjZ4M9rnOkHsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8397de141ec5696a-FRA
expires
Sat, 23 Dec 2023 11:01:33 GMT
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 6EB7
4 KB
5 KB
Image
General
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
135585
cf-polished
qual=85, origFmt=jpeg, origSize=7258
alt-svc
h3=":443"; ma=86400
content-length
4294
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 09:56:16 GMT
server
cloudflare
etag
"679602b08629bcaaabfcfad4e68fe53a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLPfCxYUtBaoA36H6NmO9v2ySiq2QkCQ9vnE86sZlt2D0wnCuekZ4pJjqZxAjmc1L2NV6htuoCtHNGdrrlwNF7Gpqfykutsd%2FEiujx3yJbzCHZY9A%2Fl4DI2TA1ZfIUd3G3i12%2F9%2FtPvL%2Bj3s"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de142eef9131-FRA
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 6EB7
15 KB
16 KB
Image
General
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1916386
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15521
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:09:52 GMT
server
cloudflare
etag
"269bd58060bc660c3aec98b388bae571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apsQxp2zVxVj4ECsrzXg%2Fu4JI1ezb%2BZ9k3Z%2FRSXpVkD65NKirkYkp42dX6kGBEIzDMSetNJXmLB0gG8%2BQGeDjfsYSnM18JpclCzqhDZUk5z%2FihlK4B61wLafXIvCVxlPenT3DnnmkgMnLgIK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de142ef09131-FRA
cshow.php
www.awin1.com/ Frame 6EB7
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 22 Dec 2023 11:01:33 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 6EB7
8 KB
8 KB
Image
General
Full URL
https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
129570
cf-polished
qual=85, origFmt=jpeg, origSize=10446
alt-svc
h3=":443"; ma=86400
content-length
7728
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Nov 2023 16:41:23 GMT
server
cloudflare
etag
"bddcb815cd8abad672404f9cdec6f97c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbPZwm21Ty1ilXEStjKEtkM5zjyJbFkroQLZA79G8Sc84fXahEs7FD9mE1Bks2P2KhX%2BHGgOF3x%2FBJ%2FbXyme7JBjY3qj3gU3sCdOZy7Z1NicV2DmTgR70a7%2BeSiyy%2FaBCa2sbHiO79qgZJ0Z"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de142ef29131-FRA
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 6EB7
11 KB
11 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
145506
cf-polished
qual=85, origFmt=jpeg, origSize=13532
alt-svc
h3=":443"; ma=86400
content-length
11268
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Nov 2023 22:13:51 GMT
server
cloudflare
etag
"d9fd29c7a268fd485230a60f0d2e0192"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xjjxKfGGlJl7MeFXmgNfK2BgC1QuzmbfGSVoFMa8U98QKMOAAA%2BtnKP5rv%2BY8D01xQlF2%2F%2F%2FP2tt88Jfo1yROiiEQZfzBnT5CrAWl5jy11gAbLL9T3xieQVDiM7mUvJWGpmluNOkIByO%2F3Z"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de142ef49131-FRA
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 6EB7
7 KB
7 KB
Image
General
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
137012
cf-polished
qual=85, origFmt=jpeg, origSize=8714
alt-svc
h3=":443"; ma=86400
content-length
6672
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 08:50:26 GMT
server
cloudflare
etag
"52953af169f970e1ac17ba40d8c26548"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WifneLx459dRGmzJTUQZ%2F4wyD04Jvsgm7KIRE2lZaZgjwR%2BaQiDmNOtqdJqndLYHX8eoHDccdquSXP89WC8KiLvgv0n65Y4Kq6yf9FB2%2FatZ0Elep4I%2B3Jva0ZrYaIG1RrF2d8Zj9wAnHgUC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de142ef59131-FRA
E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame 6EB7
25 KB
25 KB
Image
General
Full URL
https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1391836
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
25413
cf-bgj
imgq:85,h2pri
last-modified
Wed, 06 Dec 2023 08:24:17 GMT
server
cloudflare
etag
"7e811696e8763f5dce86bbb648013620"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwxxD4gc%2Fr%2BWYjQAEEYpkTU40Ok4VOKJkIddE4GGxZqkFwQkVRp4W2CF8G25WAB8xCrG7SGaMN0NvOgd8czK%2BLCb9AsP6OdegMCGgMgTCjPtn4OrwcHzU1w0fTz%2FMaQ%2Fi52D%2Fs8SgJ5v7Pze"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8397de142ef69131-FRA
ztpv.php
www.conrad.de/ Frame 6EB7
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1703242893_77e20880-a0b9-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=
0
495 B
Image
General
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1703242893_77e20880-a0b9-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6813:afbe -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
8397de15d9ee1e54-FRA
content-length
0
expires
-1

Redirect headers

Date
Fri, 22 Dec 2023 11:01:33 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1703242893_77e20880-a0b9-11ee-86a2-223889379c61&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 257C
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
78652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7C6B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=510619576081689&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 47A9
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:19:47 GMT
expires
Sat, 21 Dec 2024 10:19:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CCB0
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f5d96f591ddd879e8e7ca5958e0dd3e5aa20d2e469ec61c56066c86bec0171b4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3BhQOP0D9w2KhCZpVh9qRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3BhQOP0D9w2KhCZpVh9qRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:01:33 GMT
expires
Fri, 22 Dec 2023 11:01:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3F78
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
78652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B968
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1570296872092261&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

link.html
track.webgains.com/ Frame 5793
0
0
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j8c2m3feyf2njzws6r5hsjn4wzg9kr69ym57w2pjrmtw74v8nh8hwhefkv6svhv5jxraewnk0gn393fvry1ed3mys3b1v8y5qw4nj4m9t90ff80tbz9egc1rd5vr3g4maham613snfs3rn2bqzkssratbvtw45k5hp971cas3jckz32tayx8pezm3gg5z7197rmr44n4jakhp73hfttrs6vhsp45ya86mw63s1v8ar7aq3bhsev4xszhaaqrzyz1jyg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdPoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBWoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C22451%2C43766&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2CG1rtBfpf8m7SKHeHGtPt31dHZSYTJJkCQV5M%2C791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CVb8twfmfQxbhVHbHAtXC8j4cBSzTggWuDJ7x%2CEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP&c=120&d=600&e=&g=321ec706a9e9084c47b143badf7f4031%2F15314562129382337961&i=29981%2C25174%2C24891&j=16%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893293&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.151.155 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
server
awselb/2.0
content-length
45
content-type
text/html
link.html
track.webgains.com/ Frame B555
0
0
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7ty6v350b64dm7eqc9fhb5x2dkrh4ab34ks16hz4dvh70p25yj7cv6pse2sznhsp2nx3902tg8gpaz41dmyvvyxdw207pwr9yvkm045ya8a57rz5jm88m567ap2xnmh3px0eey087dcykdtdtjpxkfd4qzn5ra2xjc2mnd107pd9jrvc3985ykkheqd1wvsaehctjvn5h8s4r5r5cv4xe4zgscyyphcwky8v8g97jkke8nzwt103ermsa824mfkzrg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975&b=Z28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=50&e=&g=121c3689836262a14e893a5705835435%2F5587413522742643148&i=20597&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893301&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.151.155 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
server
awselb/2.0
content-length
45
content-type
text/html
link.html
track.webgains.com/ Frame 6EB7
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jbnxht85kjqctbcp1b46bscmbrst2wqac4qr0cdz0kf8dvrabcwtz6nqmeb50y8e2j308gf6t431dh68gpx180j0m1k4hdt9wtjy9rtz9a7ha1abe13m8q81v31mzjb9bxbtzv858m98pfx15g3pj09fr9q21a3h73ffcnxjedwtfv41gs2q00zmmndecz2tg268hcsn11fbp76vxds38nmgy6fph3kbvbr1p4ktaz8ftt10eqfd850w059nk976kzzc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C197862%2C537178&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2Cdk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CKXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b&c=728&d=90&e=&g=0b6692431a0ccc8a3d007ad5020f0715%2F12881294171857800507&i=21630%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703242893182&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jpcdsd441js1y7svjvzf0ya59emx4d97d82wfg1fncwqyhjya4dj4kkcerpemycstmvk4s65w0jjx2qaradsny5jvxvnmwh1r5hk83dcnj6crz87z98z2vzx66btzy1xx1mvh4hk5j3e31errx6bnsa53345qc4jsymbpb1xpfyqdvfyhbp898fkppxmtb9ckky5k1xc62gbfhakxaf3pxys19x0g567sqk5yfswpywhmbgrx59dea6vggcyahsvbjvw98rn781zzscfrft5907%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQ4-DjGyFZbyeEa3G9u8Ph9-MyAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoEzwFP0AT0-Lp_IKNVoCWLtpqd8d57EJWOOrlMSZKMo-ubSry7EnfrK8JAeSftJDu6QRqwB2XXxsh6d_lsRz3vNsEUPffVeVeOm4-qk1OKCmj4J6-p7_HuzkvV7QyVQkAGYS-jm9AHh_N0xaCajxTorQ7JVUdIbPBBt3pxBbsXrbBBL22pcs3CINnOwndYmomEImnY68539skEAafMi0_yfttQOvZnf_QM0B4LI7TOzvbWA-llvHiJmXi7XNxvIu4MXo4OqfxcXJT95pubFlHPvpGABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYvei9nPKigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0EqKV1YeDKMUgVgNOYnAYM8pQouA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.151.155 -, , ASN (),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
0eed33c3afbfb159d33437fc30355d5c8543c2f133bf36c35711022cba3dd46f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
last-modified
Fri, 22 Dec 2023 11:01:33 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 22 Dec 2023 11:02:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CCB0
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2231393102354728&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 47A9
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
78652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
generate_204
tpc.googlesyndication.com/ Frame 257C
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?FZYAQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 3F78
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?q6baZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 47A9
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?TCZpLg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:01:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 079F
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwuCLpOukbsNdb6zZEXjrt6bz-th-stH48qcQ0aPlv6oBvQ6gDd8Ev2_sypY3xOhADJZKuqJjCN36cgWLyZVI9gkE_7H-i6fBZTt8EkZsXyWBmOVYGdw&sig=Cg0ArKJSzG9G8ynnPh8JEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1418711512&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703242892249&rpt=440&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:01:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 6EB7
0
0

1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 6EB7
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
banner.congstar.de
URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703242893_77f2d161-a0b9-11ee-a9f2-22382f104756
Domain
analytics.webgains.io
URL
https://analytics.webgains.io/pvClk.min.js
Domain
cdn.track.production.webgains.team
URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1703243193&Signature=gtQ6c~41vTJwTvzBdRJmtOK4SXuqoX0LUni7ydCyHwwwcmtIfDsnWozWL5qb38yRDo6nuqZjOFLCZREnTJEnQCjE7l8PC-qB3-bAA~f2kcO8pk5D4IKYkM~9GeRTvf55yjGSKQbq1skCvXtuXeVl94rs8vpFy4Bf26qaayvU2rQr1fYSm2LytCCuAdRGU9872UFrE6tK-gjA9NnaIxoeysYJOEaP3RwfaI1aEKFYLjUK12xyZtz8JcsLqE6b40jwZW-6MKsoRHNl5BMWyNSMHr~thk6BwvM6dYSXNhG-e1QyIL~lB5LC7hriC143txBxViceOfPVmPwjXNRppl5LyA__&Key-Pair-Id=K28VXAGA7VWE0O

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| ampAdSlotIdCounter function| FormProxy object| __AMP_EXPERIMENT_BRANCHES number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

13 Cookies

Domain/Path Name / Value
.statcounter.com/ Name: is_unique
Value: sc12916097.1703242887.0
.statcounter.com/ Name: is_visitor_unique
Value: 1703242887220703575
.xgcartoon.com/ Name: _ga
Value: amp-XbxgKKOQKxwjR7osDQVOig
.doubleclick.net/ Name: IDE
Value: AHWqTUnoi4i0FNaVI7j45AeRT4vqEhmfVLUU2TIiun7L2NP4MbNm-oAFngxu4MCq6QM
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.adform.net/ Name: C
Value: 1
.adnxs.com/ Name: uuid2
Value: 8951301053833468471
.adform.net/ Name: uid
Value: 8664234539957108725
.w55c.net/ Name: wfivefivec
Value: tYwt2xSM1RgDhy5
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2279474F27-3844-4995-1AB1-21B139F1CEB5%22%7D
.simpli.fi/ Name: suid
Value: 92094092DF0A4340841270F42541A162
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5

13 Console Messages

Source Level URL
Text
javascript warning URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Message:
The resource https://204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j8c2m3feyf2njzws6r5hsjn4wzg9kr69ym57w2pjrmtw74v8nh8hwhefkv6svhv5jxraewnk0gn393fvry1ed3mys3b1v8y5qw4nj4m9t90ff80tbz9egc1rd5vr3g4maham613snfs3rn2bqzkssratbvtw45k5hp971cas3jckz32tayx8pezm3gg5z7197rmr44n4jakhp73hfttrs6vhsp45ya86mw63s1v8ar7aq3bhsev4xszhaaqrzyz1jyg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gm22q4b9444aejr3r6k9w1n2dvzxe0b3qnmwenxnk96q6kyadxr1vaapm438v4556zjm9437abmem008nc834ewqnqjcsmb070bh8ev7ap1e6q5s2vrhf4nyvbjtd0vj0etyx2a0p7qgysx4n6aeaj1jmnkjh44nwgdc2e9f9pjwnzjh7se4y15wc8bybw22npf60v0bewxjv540b98drpvzvj5hxwe4y0cc6mtnx58km4p4c1d9a8shsks4gxsht2gca8g08qbf5rh0r5sqwwb%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-f6vjGyFZdrhG9SH7_UPs5uK4AqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0CGm4KMaDe5JQ7LGQlE8BocV5Yo7F9a_uOC1A57_LaOJHnzo_ymeERtVOYu1YL5_hzT2X8MwOsYYJntYhe7OeEyp8QpkzgH-_85AxmzQIWM4J4jeVfMZC7YSTkYGGu-K5sqSMaVi2RysfUHeHmgvzchONlSWTNftwD_ZjWkOxHE6xpp5DDGP4sGk0uqoht34HwxgGzRxoKttsiP5gjLkPq_pFN-Q_cT1_m-IdKEoCpjzEqV8al1sNT1RYPoeQtDI4Z88u3DhRZrWU8k90PwwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY27zInPKigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0Iz6dvD0H-3ZEixjSSNGvTZ9ZEhw%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdPoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBWoneid__suite_Netmix_Reach121_BESTPERFORMER
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h7ty6v350b64dm7eqc9fhb5x2dkrh4ab34ks16hz4dvh70p25yj7cv6pse2sznhsp2nx3902tg8gpaz41dmyvvyxdw207pwr9yvkm045ya8a57rz5jm88m567ap2xnmh3px0eey087dcykdtdtjpxkfd4qzn5ra2xjc2mnd107pd9jrvc3985ykkheqd1wvsaehctjvn5h8s4r5r5cv4xe4zgscyyphcwky8v8g97jkke8nzwt103ermsa824mfkzrg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jzexnyx97018mp6hcfpggvcjhebj7r1t7h62fs0ts94mmtj548jk27brb9qkhwvj1qgnvyrnj3qw1p0edgar0ja435z66qjn8brm6z7m6bawm3qpxhfbf5hw5wk6tv9a0m10ctj525nj077ngg7j4frfqynq8aqtgtxh0hfk0zc9txcj0cj0cwz5dpz2rd32101vmeq2g0tkvtwvpq3tcytncjdst5xm808pet4vysz1whhxn5azs5reabkqjtjj148ysyktghz75qs3348zd3e%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC-lwejGyFZfPvGuKe7_UPzNCDiAyQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLWHDCyanSyPqgDAcgDAqoE0AFP0Pa18-Gn5sKix6c_kPnCh-TZdD5h9YMlIv5mPqA18d5yzX2osEflVvrzg5R4kxNTo1uBZD-zKluzx0EoT0jdYq2sMPUo1du29zzeYA7iRoGCXjEY8MxKL-ol_qiNHx4Y644lbmZ41gLF_KsN1XgI30u9ShSUm0ipLW35u7XnVIUE0xIlbz6HE81P4JLfXv8YXS7-38as4WRKGdPEQWh1ifHP2Ubx2dJHT--sJcPN5ctYhMZLvRLP-1W81RPdB7oYkIT7fRhC38RbP4A-tNwTgAaalv6x-5b39cgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WN3Ax5zyooMD-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_16pC8lVHUJk3gPGqrBYOqDnfSAbg%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Message:
Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

204680ddb9e87c3d5b31d590dc69926c.safeframe.googlesyndication.com
ad4m.at
ads.travelaudience.com
analytics.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.statcounter.com
c1.adform.net
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
googleads.g.doubleclick.net
match.360yield.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
prod-rtb.ad4mat.net
pv.medialead.de
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-a.xgcartoon.com
static-de.ad4mat.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.google.com
www.googletagservices.com
www.xgcartoon.com
x.bidswitch.net
analytics.webgains.io
banner.congstar.de
cdn.track.production.webgains.team
104.102.45.165
104.18.36.155
104.20.95.138
169.150.222.217
172.217.23.98
178.250.1.9
18.197.41.124
2.19.104.4
2001:4860:4802:34::36
213.155.156.165
217.182.178.228
2600:1901:0:76b9::
2600:9000:25e8:3400:1b:5138:8a40:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:47bf
2606:4700:20::ac43:4a81
2606:4700::6813:afbe
2a00:1450:4001:800::2002
2a00:1450:4001:803::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a02:fa8:8806:13::1370
3.9.151.155
35.190.0.66
35.204.74.118
35.227.252.103
35.71.131.137
37.157.4.28
37.252.171.85
46.228.174.117
51.89.9.252
52.58.114.78
54.229.5.240
69.173.144.165
91.121.248.44
00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03
05e08c808879f06b105eb9a706db9efc115a1ad6a3bdd536d8cac7868012ef4e
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6b8f3b05a27a98bb5b8ef987e24599301129f33bfccc8f67a744faac72264f
0cbb4a1e80cdad6d5c96c1353aff383e743af61e8d5b157e3379694684b66ade
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0eed33c3afbfb159d33437fc30355d5c8543c2f133bf36c35711022cba3dd46f
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
19b72a92913062223f56ea8d20589267234fd8ee714fb46607968711a9d6d63d
1db88f073601d3e30002743d54a64924a0719eef98c5462c34215148781b79b5
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1f1ea0482ac03225cda20a2b6ac7672db9066ca26dd0ac9c2e2be6e27ed2544c
25032c8c8a338369d566c3325a7395222ce48fa86a4f78ddc0b75c739b175927
26030c67cb2fdca21d7a79476616fdb6466ff96e9708a24c4c1f6677b6ad55f3
29ef0739d5603f89381de3d3cd955be635a16c212f5122ef604feefb145a19f3
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2a9e1eedba53e281f772796dd83eb2280b1a1c1c1c9ebd114d5bb7499fde7bdc
2b86d265a0bfafc113ce244f87cd497d3a164c87e97b9ff2bb8693217272e959
2d3334cb8e61a3c61e708b657e644941f8f70d86f10d9b8d9f2a8308b39b6701
2d9c3d077667e6e6e6db0d58ac74ee13502b643d66a63dcf213a9991e7b5d1b1
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32889607a9ca0ff509db1a6f3610a9e2b5e63cae6850fc208bd06c000d733db6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3374f10dfed2ff562a68ac020cd5f30365b4d23d56dcf688698bd16b9121eaf1
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3b8fd957271a7089ccbf728bf63e93fd5de3d78b076ad856a91bed46b09d5abf
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
3d6654a62f272de17f6ecfcc755101b008d42ed334f70b653d5afd51495636f8
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
42422cb1706c506eb32f3e19a4875cfa09172363192641c062a035d4f46309b7
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48996e74bebf44867bdf2ad3fc3a2fd7a9f7f7b9317e6a652f8e6191cfef90e8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
539dcbf05829f814ac43ca279d55baaf1821174a080a32fa6e08d488a3f88358
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
58307ba9ff94049bd067f1f1c986f76144e3b77c87ef8776f2b3c8f523f2bf44
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
6131dc1f5f4917d39d60cc5a0acdf6cc86983144801036d6a6dfde7e265a1b00
617175475dd7762c2557066f330446636c982b371b142462cf7b4cd7c395f79a
61b795b4b86772a190d146eabb64cfc867f858c9311ddbbecee0a76e4ce2b57b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
657f06943a34735f0a25f30c9ea05c15e24c0985bbdb771e615182b03e03fa9d
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
78693fd6e7380b2962ece513f734b418641b263e302684660323b93961ce7bf2
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7e0f46b2918e477200be87cb94fe5fcefd6709ca57d8af751446b14a8d0ce298
8013407130f3d1c34679b5d4a3ca7d56ce95e0a656d501bf0920e8bd8732b6a3
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
83e7677e066db996c90646e6a3c9b367f199ca7abd4b98135b412473c6e5a715
867c548cca19b22658f84703546e5bfd0f399bdb4d0d68ac45b2ff9597e7c97b
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
8871a6898febb707d23932c32a71b4b21eabdb61a08888195f7e408001ee9f5e
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
8e9a71de8640d1d2451c9db5982ca3d2ba217f13d0315baa04411287db42dae7
8f5ae660a918eba08ad016ea2851d5f712d6f0d8bbddd7c64191e39796c65efa
90f10ca4b4b71f7d97bb2bdf4f6566f5bdf2b5b339da48738b1d2fa4391a7df2
930e3672504293e5810a58b53c4470f2d4ffcd345a68e608de29e0eaa459897d
94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f
94fd0fbd71fd2b1ebc82c0404b3bd76c9099bbee0c5361a7069822f889728be4
95db46ef48897d5028f019e9089af3e8e0b8aad3fe358fc3d1e19cfce72da8ec
95f9669f86fe28fac80e3a754575893953ce4880b37490c44fb603257ccfd95b
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
ac79466527bbddc1f62ebc9439506bf48c8c6f19cfbb8e2bb71541c45e0e032d
acec4320ad0885b9cbfe0e0c48f053349f07b44ca764cacf2b5940bbdd0b90c3
b2da1d8d97bf0f9c6b91a686f349e4ce0e46f0c24ce6ffede5568a2225139b8f
b44d8b78b9da842ebc8110ce6ab2389ae44f9704c9de7f5e72cf72b9b1a35388
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
bf13e4e510802d75f0c3f6062d74bfdd1c4e2a0d6e54de7a92e1b0005c23e38b
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c016b97948d1832765d77dccc9eec9db6da68e15bd39e904ba2ad86c7d11c20c
c654b4d50ad1ad7a804399b703554bcbd7f5882c126a21f0798de1a9e99df18c
c79ac6cfee8e008a056c553c31aebea9faf21e90d1f8ca4e5fcf7367531aa868
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c8faf99fd993e58fc0a8cd69550d2a57eebf491b4a8bc7bbf9fa7fb2d7ac39b7
c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7
cf7e7f92b22ca9527fe6cfea0ca1578a6422262631baed0f863136a8d18a12d8
d03f4d2bc051e30a3e7200e115681be89ce1525e56ae6040c0f2ef93e4df328f
d2178b3bd0c2cc7cfcd4b46abe1f019da9afc22b4b2de0ddd0f104de9b4e420e
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
db2e4e6461e2031165b8e5e9c11a58bdc3eb90876cb1bf9a660a96220ff103ab
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
de6f3845be49878afb5314dd5297e48423a4e952b0ad7fc367627de0338d49d7
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e817fe0df75a2ccb8908c15918c041961d4dd252ed0ef6a33fc8aad26ca00161
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
eb2d993f50ef7d1ef5baf8468fa8c632211a101343450e640468e3295396388d
ec227134d399227fe358e0086b7e5537b5274cd941b5b5fb0e565c4eb13a56b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5458d67488ccf7174d16072d151922758b6f084626a799a242ca5cb28d02526
f5d96f591ddd879e8e7ca5958e0dd3e5aa20d2e469ec61c56066c86bec0171b4
fc1152c6791393462d034fa657eaf36ac8dcc73b4e22c6258628d55c9ed15481
fea91d88ec3a7a0e721f2a283f71aa532ab947d817a4e82f933b2e269e074739