www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Submission: On December 22 via api (December 22nd 2023, 2:54:29 am UTC) from US — Scanned from DE

Summary HTTP 209 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 38 IPs in 10 countries across 39 domains to perform 209 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
12	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.94.138 104.20.94.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::681a:3f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 17	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	217.79.188.10 217.79.188.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	85.114.159.67 85.114.159.67	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
7	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	85.114.159.66 85.114.159.66	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
36	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	18.185.219.207 18.185.219.207	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:897:817d:b550:36d6	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
2 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2 2	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	81.17.55.122 81.17.55.122	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.76.229.46 54.76.229.46	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.218.94 35.214.218.94	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
2 4	2.23.68.89 2.23.68.89	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
1	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
3	35.176.134.178 35.176.134.178	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
2	3.9.60.26 3.9.60.26	16509 (AMAZON-02) (AMAZON-02)
209	38

5 169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:3f3 (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Loerrach, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.67 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dspcluster.adfarm1.adition.com

dspcluster.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.66 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.active-agent.com

dsp.active-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.219.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-219-207.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:897:817d:b550:36d6 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.229 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.122 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.180 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.229.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-229-46.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.218.94 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 94.218.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.23.68.89 (Düsseldorf, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-68-89.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.70 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.176.134.178 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-134-178.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.60.26 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-60-26.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	795 KB
42	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	400 KB
41	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 139	129 KB
12	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	251 KB
10	xgcartoon.com www.xgcartoon.com static-a.xgcartoon.com	503 KB
8	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428 imagesrv.adition.com — Cisco Umbrella Rank: 17335 dspcluster.adfarm1.adition.com — Cisco Umbrella Rank: 57660	140 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	515 KB
6	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 192580 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563	2 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
4	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 13930	3 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 560	3 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	19 KB
3	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	645 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 780	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 478	2 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 546	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	active-agent.com dsp.active-agent.com — Cisco Umbrella Rank: 51590	512 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	15 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 104746	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 89094	435 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 88416	261 B
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 83743	493 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 97477	549 B
1	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	327 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 870	414 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 1765	199 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	45 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 793	166 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	574 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 10182	468 B
209	39

	Domain	Requested by
28	pagead2.googlesyndication.com	3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
24	tpc.googlesyndication.com	3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	assets.ad4m.at	as.ad4m.at
17	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
13	securepubads.g.doubleclick.net	cdn.ampproject.org 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com www.googletagservices.com
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
12	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
8	www.googletagservices.com	3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
6	3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com	cdn.ampproject.org
5	static-a.xgcartoon.com	www.xgcartoon.com
5	www.xgcartoon.com	www.xgcartoon.com cdn.ampproject.org
4	ad.doubleclick.net	4 redirects
4	www.awin1.com	2 redirects as.ad4m.at
4	c1.adform.net	4 redirects
4	imagesrv.adition.com	3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
3	track.webgains.com	as.ad4m.at
3	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
3	static-de.ad4mat.net	as.ad4m.at
2	api.webgains.io	analytics.webgains.io
2	d5p.de17a.com	2 redirects
2	um.simpli.fi	2 redirects
2	secure.adnxs.com	2 redirects
2	sync.1rx.io	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
2	match.adsrvr.org	googleads.g.doubleclick.net
2	dsp.active-agent.com	3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
2	dspcluster.adfarm1.adition.com	3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
2	dsp.adfarm1.adition.com	2 redirects
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	www.conrad.de	as.ad4m.at
1	banner.congstar.de	as.ad4m.at
1	pv.medialead.de	as.ad4m.at
1	csync.loopme.me	1 redirects
1	match.360yield.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
209	53

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.active-agent.com AlphaSSL CA - SHA256 - G4	`2023-11-28` - `2024-12-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Frame ID: 6D99B8F085B57E2FAD76B553D667CD73
Requests: 38 HTTP requests in this frame

Frame: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 4AE957D9199D3E9AD05E19AEF9B39FD4
Requests: 15 HTTP requests in this frame

Frame: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: CCE608B701FD09E1BC8A495E2F0C3362
Requests: 12 HTTP requests in this frame

Frame: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: EC5014D466A3971E5831E5BE0216DB9B
Requests: 10 HTTP requests in this frame

Frame: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: C975CD57B19BC5E848383096ECB0A81F
Requests: 10 HTTP requests in this frame

Frame: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 2F00F76524BC785B7FED26B0008BAFC9
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: B3A07F198FCC0980A2BC83F1C29A4076
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664159&bpp=163&bdt=208&idt=395&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=951253811&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079979%2C31080103%2C42532599%2C44809005%2C95320869%2C95320884&oid=2&pvsid=3117365693374568&tmod=1040047305&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.aobx6eb24a80&fsb=1&dtd=405
Frame ID: 98688A90B7E15BDA37139CDB9A6CE8EF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506
Frame ID: 43E815DB8199A031B4AA0E7BD56879AA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664221&bpp=153&bdt=273&idt=465&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=951579278&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532524%2C44795921%2C95320884&oid=2&pvsid=414464868954654&tmod=1465507687&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.a5ruky4zylrd&fsb=1&dtd=475
Frame ID: 532E59742AF3D22DD4202D1A5519DAC2
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h02ce4efd19e63gkf5ckd42074q8wdtb1nzq0kw2e3yp8d9j5hcvd8ecetabekbrt8ypc377ha0e56jf9dhap1e7n5qwqszc99rc9bc8bskn6v15a1a05rr32t645evhyg7q5v4tdrb2etak366q0acy7bxabje075gmpchnpxbvvx2p3eh3jyrggw9jdvyva425hsbanc734f247rsv0dzpgt6cj33sxs74q1vphfp35d7m17g9nhn7vqrj6vzw390j1pgsjvqadtn7ze9b51jvasfrsrv1k96keyr6q8fam16bytgbsh409wt30njr6vpcj37djtye5q6dsytbsk5gr5te0jmg42ttwwm3pq234vcn19mhcbkf5ajtpc9avxn9683mxabwwxwb179nz1znsppa6zv6a39t38n8sncpxzvebyt1g7jk4012yp71pa77yx7&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: A89F048BE303C02AD9E9423180A53529
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FB48ECA23C239376E32318E40CA9FC3D
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gcpdemthc50j68xgc24gmj7jd8f0nc1ns56y4b0c0zynkt849mey93jrca728t52r5g1g9vegq77zx57yswgzpwmy2sngvsca27bgv5dnqjvsptbqme1bsz296pfwzwqtm3mga7h9e4gewnwsy5dtrm3pw9hhpphkb3rb2t36z4a396pbscxqs9c2r3h2y3s6v4a4egztgtwxxtn0rpwhebw71jgjthzcark4ynz0v4cx0ddtmtcn2zr07cb9hfa5ebg9hn3q73q3937670z242grgh32w66prk5y0j9wgc64jwb90ecw8yfrxnyea0gvkrbrwrw2jex09py4x7e1wbsckggjp98cstwepn6p3jgast4mfyr8sm58x9xcybvjzcxr8tgbwagwydf0069cnz9ae87kc55ps3vj7sm7tw3hbx018ggmsagw0jhj4vz4kay1vt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: BDC153B6C85673DC1B06A4DAEBB61797
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 552EC822F441D54EFCB8BD6F787DA05C
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jxsqf8z0n4hm922dz2dtvm2m40yz47azd86mxafrmyntrmmj474zykg8gy74nyzxjqdbt25pbaqm4m1j0rwhnr2jpwk2y8n4jzz0axcmq569tmdzgfxwmggrjg4baj30b26qgzzryv0ksy37wmxh9eafqgn1cxpp9hmncadx9rfj5kmscr0gsc02z28x2p2w02jmh9j4vx88jn05w692x6rkvr5hp8a228f7kbjt80sxkrfsnzwzf1kg43b6kesfbxeqawa73vdkmf6ekn90wem3bh7hrm1bh61td5vpkg89whvxj938n33vmr4hb8vxcsdhg58d1mze9nemt78ckbeb1xbagsm7w52h8zaef62wjqj59pm60t5b9tbv4kw8h6ajyw4y251p8j53dzwz06nzd19f0rt1zc5v5ee6y91jzb0wnr358qhe35jjwg1ce25dxwpw8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: FC4545EF1AA7F04B4C4B46F01A2A6A5B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 38551311DAFF45086E48E0FF6ECDE564
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 5C9EE8025B9C5DDE149408F3AAB5610D
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 399B55A4FC3DE3BE3B7E4E07BA52D107
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 60F6ECFC236B2CBB835880271A84AFC3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: A47453BC4456074CBB2616A1C34F7BBB
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 88CCDEC823A302BB36589C4C2ED4E846
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 66F03B0B2E9314AAC4F41A92B69EAA8D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0BF7F1095A594A28D352BCD4DBC73700
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F52C43E80F825838DD3A2C9E4CEAC113
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DEEF202FBDCF57377ACE48223F20BE0A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19837B99E7888A1622B5B0309D726747
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 593256552878958AC857354AEFCB5008
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 697287A25695FFD7C835660A2C4C7EC5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍸光之美少女第12季（Go！PRINCESS光之美少女！）【日語】免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

209
Requests

91 %
HTTPS

35 %
IPv6

39
Domains

53
Subdomains

38
IPs

10
Countries

2777 kB
Transfer

6920 kB
Size

33
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Title: 简

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://dsp.adfarm1.adition.com/cookie/?userid=&ssp=2&gdpr_consent=VM=TRUE_DV=FALSE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNTI0Njk4NDk4MTUxMDI5OQ%3D%3D HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 54

https://dsp.adfarm1.adition.com/cookie/?userid=&ssp=2&gdpr_consent=VM=TRUE_DV=FALSE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNTI0Njk4NDk4MTQ0NDc2Mw%3D%3D HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 102

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE99Lm_jLXYGgQGlywLMCuw&google_cver=1&google_push=AXcoOmRaNXtez5wLmQMpLExue69a1cJfOq5Jck3r-wXSlR1dIvXtEkOpuYTWv5M-xajc7t9OmOiHiJJC3J5cSIBjz1A47HezthRG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRaNXtez5wLmQMpLExue69a1cJfOq5Jck3r-wXSlR1dIvXtEkOpuYTWv5M-xajc7t9OmOiHiJJC3J5cSIBjz1A47HezthRG&google_hm=eS1WQjBIWjY1RTJwRzBuTzVOYlAyN096SU42UVBvQWpHLn5B

Request Chain 103

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEATZP8UfqDJL0JfjiGP_3Fo&google_cver=1&google_push=AXcoOmSCOJZr4EOQvOGpWPELmL-yzy4QHcJOj9IEgZgK5O_Vf4-9WOHy1g_C_z0xCM4zZwFDhvXM65QUWZ1cAQ0fqN_2Qr87Vbt_ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEATZP8UfqDJL0JfjiGP_3Fo&google_cver=1&google_push=AXcoOmSCOJZr4EOQvOGpWPELmL-yzy4QHcJOj9IEgZgK5O_Vf4-9WOHy1g_C_z0xCM4zZwFDhvXM65QUWZ1cAQ0fqN_2Qr87Vbt_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAxODc5ODc0ODQyNjcxOTU0MQ&google_push=AXcoOmSCOJZr4EOQvOGpWPELmL-yzy4QHcJOj9IEgZgK5O_Vf4-9WOHy1g_C_z0xCM4zZwFDhvXM65QUWZ1cAQ0fqN_2Qr87Vbt_

Request Chain 104

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGNEBbb1DPedfCKCZSe2qdw&google_cver=1&google_push=AXcoOmQLRWbRqG8TkddUPWMZKc5hyNltdAxyN04IntPjGWL4IebcqfhTGbH-9utt60SzdiWJi30AApDfDcUQYi8YIvIkF8eNTtQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGNEBbb1DPedfCKCZSe2qdw&google_push=AXcoOmQLRWbRqG8TkddUPWMZKc5hyNltdAxyN04IntPjGWL4IebcqfhTGbH-9utt60SzdiWJi30AApDfDcUQYi8YIvIkF8eNTtQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGNEBbb1DPedfCKCZSe2qdw&google_hm=ZYT6YUGY1yf_pRRGZPLVUgAABJIAAAAB&google_nid=index&google_push=AXcoOmQLRWbRqG8TkddUPWMZKc5hyNltdAxyN04IntPjGWL4IebcqfhTGbH-9utt60SzdiWJi30AApDfDcUQYi8YIvIkF8eNTtQ

Request Chain 105

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFKebIDjovJwmbjDbpX8Xzs&google_cver=1&google_push=AXcoOmQitK10JrQMDd6PzVYlfhZRoHgQSAhbHEc2E1FxR9KlJT79dr5Ig8UKamqzLHfyEmxJ5rsXfQLETjml5g79qwvpKVnM932R HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQitK10JrQMDd6PzVYlfhZRoHgQSAhbHEc2E1FxR9KlJT79dr5Ig8UKamqzLHfyEmxJ5rsXfQLETjml5g79qwvpKVnM932R&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1703213665021 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-4b10703a-2423-4e8a-8361-f61d287a3250-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQitK10JrQMDd6PzVYlfhZRoHgQSAhbHEc2E1FxR9KlJT79dr5Ig8UKamqzLHfyEmxJ5rsXfQLETjml5g79qwvpKVnM932R%26google_hm%3DA0sQcDokI06Kg2H2HSh6MlA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQitK10JrQMDd6PzVYlfhZRoHgQSAhbHEc2E1FxR9KlJT79dr5Ig8UKamqzLHfyEmxJ5rsXfQLETjml5g79qwvpKVnM932R&google_hm=A0sQcDokI06Kg2H2HSh6MlA

Request Chain 106

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEDfAI9EnD9Hv3CVnqwXqDU&google_cver=1&google_push=AXcoOmRApqyFdesyFubeY7fV_B2p0w2oO0Pq_UamrDENOaahOZCgDBrqL0ig1AUcAhi78qRqlKVEuSnjJlZn01tTbaevSSg09uRibQ HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEEDfAI9EnD9Hv3CVnqwXqDU%26google_cver%3D1%26google_push%3DAXcoOmRApqyFdesyFubeY7fV_B2p0w2oO0Pq_UamrDENOaahOZCgDBrqL0ig1AUcAhi78qRqlKVEuSnjJlZn01tTbaevSSg09uRibQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODA4OTE0NTQwNDYzODc2NDI3Nw%3D%3D&google_gid=CAESEEDfAI9EnD9Hv3CVnqwXqDU&google_cver=1&google_push=AXcoOmRApqyFdesyFubeY7fV_B2p0w2oO0Pq_UamrDENOaahOZCgDBrqL0ig1AUcAhi78qRqlKVEuSnjJlZn01tTbaevSSg09uRibQ

Request Chain 112

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI6MdibU0jduFkaNcVQw1lU&google_cver=1&google_push=AXcoOmS3o9xCp1u6JVDzwe-vnQiwrK1zdkph_kO470XrgDa7iwugbyabOgNLMwuAjEJ0y4VmjgkX630Mf-IA9r7uSbzNoJo_eXV9lA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAwNDQ5ODU1OTcyMDg5MjY2OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI6MdibU0jduFkaNcVQw1lU&google_cver=1

Request Chain 113

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEl3NjElDQvPecQ_uZn8sSI&google_cver=1&google_push=AXcoOmTlom-6pOG-p922iS81wjb4Y4g7Km0Srm9FcWWEZUElxrhmzihmPQN_gJyl_QKNUuLc65869Pgn2rFaEdHcbps22QD5PET4SA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTlom-6pOG-p922iS81wjb4Y4g7Km0Srm9FcWWEZUElxrhmzihmPQN_gJyl_QKNUuLc65869Pgn2rFaEdHcbps22QD5PET4SA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEl3NjElDQvPecQ_uZn8sSI&google_cver=1&google_push=AXcoOmTlom-6pOG-p922iS81wjb4Y4g7Km0Srm9FcWWEZUElxrhmzihmPQN_gJyl_QKNUuLc65869Pgn2rFaEdHcbps22QD5PET4SA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTlom-6pOG-p922iS81wjb4Y4g7Km0Srm9FcWWEZUElxrhmzihmPQN_gJyl_QKNUuLc65869Pgn2rFaEdHcbps22QD5PET4SA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 114

https://um.simpli.fi/gp_match?google_gid=CAESEGdzuqpyPNVP64PlFBrfUzo&google_cver=1&google_push=AXcoOmQx5T68YSdWbCbUkofD1cs3jdZuFAf-tOOk8ki86lrxEffwH6P5MbfatlsBbkfBRBVXVLL031F_irO6oMsOng6otFIRw3F5Aw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3B073E3DAC74A1D9CF0A12F1082AC36&google_push=AXcoOmQx5T68YSdWbCbUkofD1cs3jdZuFAf-tOOk8ki86lrxEffwH6P5MbfatlsBbkfBRBVXVLL031F_irO6oMsOng6otFIRw3F5Aw

Request Chain 116

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE99Lm_jLXYGgQGlywLMCuw&google_cver=1&google_push=AXcoOmRn35gxlXLBZPBPO550_dW8D12CQJq3VFIuwOeOGM8R6lG5MpOBk-26nigPeOUG1gAIEfquH7iJBER5ZctDqy6KfMVaNDk3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRn35gxlXLBZPBPO550_dW8D12CQJq3VFIuwOeOGM8R6lG5MpOBk-26nigPeOUG1gAIEfquH7iJBER5ZctDqy6KfMVaNDk3&google_hm=eS1Vbjh0Z0twRTJwR1NmaldOaW1DenhsekV4UFhGcEtLWH5B

Request Chain 124

https://um.simpli.fi/gp_match?google_gid=CAESEGdzuqpyPNVP64PlFBrfUzo&google_cver=1&google_push=AXcoOmTYMVga4xPNYPESBO_ICP7HFL1yyj6Ri--18aFGh-E97k65bwG13nN9Q9oXxRSspY_tcjO9MUgYCXQ9-GeVphlYmEQIP085 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26A6CA088824365B534F9EE3D1C6A1A&google_push=AXcoOmTYMVga4xPNYPESBO_ICP7HFL1yyj6Ri--18aFGh-E97k65bwG13nN9Q9oXxRSspY_tcjO9MUgYCXQ9-GeVphlYmEQIP085

Request Chain 126

https://d5p.de17a.com/cookies/google?google_gid=CAESEMnYx4G3BVQTdXb5KUvJeYY&google_cver=1&google_push=AXcoOmTHj7CbiMV15lEe_872GazsKz5E5iOvKcYqdMUbLRdtnG0LrshswouRD8l7hrd_Jfx-zZEOBpHK-j6-QEgL1fPpHQ5GWoA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMnYx4G3BVQTdXb5KUvJeYY&google_cver=1&google_push=AXcoOmTHj7CbiMV15lEe_872GazsKz5E5iOvKcYqdMUbLRdtnG0LrshswouRD8l7hrd_Jfx-zZEOBpHK-j6-QEgL1fPpHQ5GWoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTHj7CbiMV15lEe_872GazsKz5E5iOvKcYqdMUbLRdtnG0LrshswouRD8l7hrd_Jfx-zZEOBpHK-j6-QEgL1fPpHQ5GWoA

Request Chain 128

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEATZP8UfqDJL0JfjiGP_3Fo&google_cver=1&google_push=AXcoOmQH5ARn3zS9gUy272ROZgEeAVVrhwyPvGrh6T9UtHt8L6JKDK2McB1WSIBnGEKf_87Xwc-jBqUM3ACGVtx4VDgO_oy6dYsH HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEATZP8UfqDJL0JfjiGP_3Fo&google_cver=1&google_push=AXcoOmQH5ARn3zS9gUy272ROZgEeAVVrhwyPvGrh6T9UtHt8L6JKDK2McB1WSIBnGEKf_87Xwc-jBqUM3ACGVtx4VDgO_oy6dYsH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzOTAwMTY1NDczNTQ3Nzg4OA&google_push=AXcoOmQH5ARn3zS9gUy272ROZgEeAVVrhwyPvGrh6T9UtHt8L6JKDK2McB1WSIBnGEKf_87Xwc-jBqUM3ACGVtx4VDgO_oy6dYsH

Request Chain 130

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESECI7mNDx2mrXA89xY-W66Gc&google_cver=1&google_push=AXcoOmSnqs7o78XN-1cK3_KW7wxIK5gpsVCVK5yfBJroQf-Vb3iIysve1mMtr0KBWGW5zfJXFV4egnRICTMrFsuWYDnhUVhIsN49yQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=3c4040df-8d9d-4aec-beb0-1c833ee1ba3a&google_cver=1&google_gid=CAESECI7mNDx2mrXA89xY-W66Gc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSnqs7o78XN-1cK3_KW7wxIK5gpsVCVK5yfBJroQf-Vb3iIysve1mMtr0KBWGW5zfJXFV4egnRICTMrFsuWYDnhUVhIsN49yQ&gdpr=${GDPR}

Request Chain 168

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKOsjqyFooMDFXCNgwcd2SoP5Q;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703213665_6abaf840-a075-11ee-8661-22610dd0df18

Request Chain 172

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1703213665_6aa83390-a075-11ee-bd07-2236e1f32b64&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 177

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJXHkKyFooMDFYyhgwcdfBECLw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023122203542591520913091X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023122203542591520913091X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218

209 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan Show response
www.xgcartoon.com/detail/ 97 KB
20 KB 1506ms
686ms Document
text/html 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6131dc1f5f4917d39d60cc5a0acdf6cc86983144801036d6a6dfde7e265a1b00

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 22 Dec 2023 02:54:21 GMT
etag: "185c0-2Hx2wRUQtLI9BfquBbcMEeI0Sgs"
expires: Fri, 22 Dec 2023 02:55:21 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 179ms
55ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 02:54:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73141
x-xss-protection: 0
server: sffe
etag: "20620290c9309704"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 02:54:21 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 200ms
76ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 02:54:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23125
x-xss-protection: 0
server: sffe
etag: "03885caa855825de"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 02:54:21 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 216ms
122ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 02:54:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9459
x-xss-protection: 0
server: sffe
etag: "8a483731af74fd28"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 02:54:21 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 190ms
97ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 02:54:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14979
x-xss-protection: 0
server: sffe
etag: "5c37322451a9f07d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 02:54:21 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 203ms
109ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 02:54:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15383
x-xss-protection: 0
server: sffe
etag: "10ecb1b2e6eeaabe"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 02:54:21 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
6 KB 141ms
48ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 02:54:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4740
x-xss-protection: 0
server: sffe
etag: "e23d2a0d990fab56"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 02:54:21 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 107ms
104ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 02:54:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10344
x-xss-protection: 0
server: sffe
etag: "710c75735c511774"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 02:54:21 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 110ms
108ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 02:54:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
server: sffe
etag: "f62e83b3b94bc414"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 22 Dec 2023 02:54:21 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
468 B 269ms
168ms Image
image/gif 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 839514694f1c2c6b-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 356ms
355ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:21 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Fri, 22 Dec 2023 02:57:21 GMT

GET
H2 200 guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan.jpg
static-a.xgcartoon.com/cover/ 169 KB
170 KB 2403ms
2126ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan.jpg?w=230&h=280&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de6f3845be49878afb5314dd5297e48423a4e952b0ad7fc367627de0338d49d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Sep 2023 01:35:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "86FC2EE28560ED1682496CF88EE9E17C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJmS7K3Iwy6SGQqRgLVq%2FyVyefIyIZNqzcQBab1WBvbFtD0I%2BViShCnhQG6%2F0tyC8PgdKGcumRqDVIcOM7lnvkVBveYFo4sCgRVEjcBUPM3zqhN0LA62bwuLXyVOqHrzXGk8Nn6PeInHgeDN7JqpXbrrmQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8395146c9dbc9b1b-FRA
content-length: 173219
expires: Sun, 24 Dec 2023 12:02:29 GMT

GET
H2 200 play.png
www.xgcartoon.com/img/ 470 B
667 B 357ms
355ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/play.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:22 GMT
last-modified: Wed, 17 Aug 2022 11:09:20 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1d6-182ab7e5700"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 470
expires: Fri, 22 Dec 2023 02:57:22 GMT

GET
H2 200 star.png
www.xgcartoon.com/img/ 424 B
621 B 356ms
355ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/star.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:22 GMT
last-modified: Wed, 17 Aug 2022 11:09:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"1a8-182ab7e37c0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 424
expires: Fri, 22 Dec 2023 02:57:22 GMT

GET
H2 200 guangzhimeishaonvjuchangbanhejiriyu-dongtangquan.jpg
static-a.xgcartoon.com/cover/ 91 KB
92 KB 326ms
50ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/guangzhimeishaonvjuchangbanhejiriyu-dongtangquan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8013407130f3d1c34679b5d4a3ca7d56ce95e0a656d501bf0920e8bd8732b6a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:22 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Sep 2023 00:30:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13860
etag: "940062558EBFE44CF53ED01AE9AC1FEA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkGEweYcliDXIIYTxVUto2o3Q7kxNWxzB38vzWcY3JcS9QKixkms%2BqjNReQVT02w5jeMyAypybEFYXzeiXDdOzt5gXBhipvAUOxEJEe7xgSWMkwbahSUlivVWYNqbzJZLfaNg4R0YzyIXHAqitVgxRJ3KoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8395146c9dbb9b1b-FRA
content-length: 93564
expires: Sat, 23 Dec 2023 05:39:09 GMT

GET
H2 200 youxiwang_di5ji_arc-vyouxiwanghuguang-wuriyu-gaoqiaohexi.jpg
static-a.xgcartoon.com/cover/ 25 KB
25 KB 1073ms
797ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/youxiwang_di5ji_arc-vyouxiwanghuguang-wuriyu-gaoqiaohexi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b8fd957271a7089ccbf728bf63e93fd5de3d78b076ad856a91bed46b09d5abf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:22 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 03 Jan 2023 09:34:10 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "9D5579EF044E32A5D2AD4C4FAE6EEBDD"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6KV79A19O4fSpod8lYuMLSS%2BMRj4bW82V7l9L73II8%2F3Wmo0QowyN1JB9UcgrhxhjWgWpLvstgdmwGN0%2BNICSbWQ47igoD5LrcGFe%2FW18NHfKYWHDTuCqemGM94npROVTjPpPSFAWztJYgI93XDMwkHgHc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8395146c9db99b1b-FRA
content-length: 25636
expires: Sat, 23 Dec 2023 14:05:50 GMT

GET
H2 200 guangzhimeishaonv_shishangtianxinkirakiraguangzhimeishaonv_a_la_modekirakirapretty_cure_a_la_moderiyu-tianzhongren.jpg
static-a.xgcartoon.com/cover/ 95 KB
96 KB 1782ms
1506ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/guangzhimeishaonv_shishangtianxinkirakiraguangzhimeishaonv_a_la_modekirakirapretty_cure_a_la_moderiyu-tianzhongren.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f9669f86fe28fac80e3a754575893953ce4880b37490c44fb603257ccfd95b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:23 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 00:54:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "44B8FC9869B28AC50168C1C25FE7400B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXL5rAZSoiCaYJ24RLpPsqZGW7tszmDjfG%2FD0GxozlMy4mYXGuubP0eFVaxMgAPXsXCBLYq5SfMterHKLKn0Iq2BzIxOAH5QLU2Iyqfc0OfeiLpkTu7y7UQcMG3QLrFJrtU9KHx82nahxWlQ9aK6Jn4pG%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8395146c9dba9b1b-FRA
content-length: 97771
expires: Sat, 23 Dec 2023 07:30:27 GMT

GET
H2 200 xitongbiwozuohuanghou_dongtaimanhua-liuyuexuegongzuoshi.jpg
static-a.xgcartoon.com/cover/ 83 KB
83 KB 1946ms
1670ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xitongbiwozuohuanghou_dongtaimanhua-liuyuexuegongzuoshi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac79466527bbddc1f62ebc9439506bf48c8c6f19cfbb8e2bb71541c45e0e032d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:23 GMT
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 12:57:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "E81F01E9640F73669094983EFA490030"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tdMZgvQyFkKmICiFhQQG9flK8Gc%2FdsKckG9cOsUJP686XQvjvAuYrsvm2H35KFTUYpPPPN%2FsTsTIiU7CXBV%2FH8Thu06tCv0On7ngLL1YpPlcJ4LXxmFJ8HHspB91F0LPKKxSRmdym0a9QkbHoGA9o7GSy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 8395146c9db89b1b-FRA
content-length: 84563
expires: Fri, 22 Dec 2023 08:48:36 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 8 KB
3 KB 144ms
60ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:22 GMT
age: 207479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "a9f93cfafa19b094"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:22 GMT

GET
DATA 200
OK truncated
/ 393 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 953 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 792 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 394 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 227 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 154 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 237 KB
62 KB 90ms
41ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:22 GMT
age: 207479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63654
x-xss-protection: 0
server: sffe
etag: "7d5e78ba8c7d5e5d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:22 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 12 KB
4 KB 92ms
58ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 20 Dec 2023 15:24:56 GMT
age: 127765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3942
x-xss-protection: 0
server: sffe
etag: "4694a1430564add5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Dec 2024 15:24:56 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 665ms
539ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=621007464&ga_cid=amp-6W2ulUToPtze1wVOie-twQ&ga_hid=7464&dt=1703213662091&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=574&dtd=9&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a79928b73546a82e1cc99c47ce7426b913cf6738903430099df7934ca7cdf06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13695
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CJSVw6qFooMDFaAEVQgdOcQOPg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324260118
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 02:54:22 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 847ms
722ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=621007464&ga_cid=amp-6W2ulUToPtze1wVOie-twQ&ga_hid=7464&dt=1703213662091&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=574&dtd=12&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

709080eec057252bf0cd0c7385575345ca010c18737ab8d2d60eec953ec99b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 160x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13689
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CJagw6qFooMDFb8pVQgdtDMDNg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138224182300
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 02:54:22 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 976ms
852ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=621007464&ga_cid=amp-6W2ulUToPtze1wVOie-twQ&ga_hid=7464&dt=1703213662091&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=574&dtd=13&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af4196cab4bab6f2452bac47a71954efd5da7cb4544428d5c305af3876bbce44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:23 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14312
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CMWf66qFooMDFaYnVQgdKv8Pdw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 02:54:23 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 534ms
411ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=621007464&ga_cid=amp-6W2ulUToPtze1wVOie-twQ&ga_hid=7464&dt=1703213662091&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=574&dtd=14&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8d2d5901c583b96eca1451b01e2f83e067c6423953a35b833bf5886482103cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 320x50
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CJDNzqqFooMDFQ8FVQgdF2QJEw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 02:54:22 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 375ms
252ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=1033&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=621007464&ga_cid=amp-6W2ulUToPtze1wVOie-twQ&ga_hid=7464&dt=1703213662091&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=574&dtd=15&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25d794f257954acca3b1b22a6c0555cac34e70394a4b822ec0d3baae19f30a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 728x90
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13682
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CKmUw6qFooMDFdJ64AodZioCYg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027455233
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Fri, 22 Dec 2023 02:54:22 GMT

GET
H2 200 container.html
3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 175ms
47ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/ 2 KB
886 B 43ms
43ms Fetch
application/json 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:16:01 GMT
age: 207501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "e666ca0e175b1b23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 18 Dec 2024 17:16:01 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 356ms
354ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
AMP-Same-Origin: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:23 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Fri, 22 Dec 2023 02:57:23 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 212ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=7464&cid=amp-6W2ulUToPtze1wVOie-twQ&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&dr=&dt=%F0%9F%8D%B8%E5%85%89%E4%B9%8B%E7%BE%8E%E5%B0%91%E5%A5%B3%20%E7%AC%AC12%E5%AD%A3%EF%BC%88Go%EF%BC%81PRINCESS%E5%85%89%E4%B9%8B%E7%BE%8E%E5%B0%91%E5%A5%B3%EF%BC%81%EF%BC%89%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1703213663&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4AE9 6 KB
3 KB 48ms
47ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:23 GMT
expires: Sat, 21 Dec 2024 02:54:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CCE6 6 KB
3 KB 48ms
47ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:23 GMT
expires: Sat, 21 Dec 2024 02:54:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC50 6 KB
3 KB 47ms
47ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:23 GMT
expires: Sat, 21 Dec 2024 02:54:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C975 6 KB
3 KB 48ms
47ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:23 GMT
expires: Sat, 21 Dec 2024 02:54:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F00 6 KB
3 KB 48ms
47ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:23 GMT
expires: Sat, 21 Dec 2024 02:54:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4AE9 24 KB
7 KB 141ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 237374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4AE9 25 KB
10 KB 164ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8d1dcfecd75072e5d920d31a9965c616a7a09d98ecd25071e3d62b2aff4329b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 5813878685834827952
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4AE9 203 KB
65 KB 156ms
55ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CCE6 24 KB
6 KB 133ms
43ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 237374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame CCE6 25 KB
10 KB 232ms
156ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 4475361942733572661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCE6 203 KB
64 KB 212ms
123ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2

200

1x1.gif Show response
imagesrv.adition.com/ Frame EC50
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?userid=&ssp=2&gdpr_consent=VM=TRUE_DV=FALSE
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNTI0Njk4NDk4MTUxMDI5OQ%3D%3D
https://imagesrv.adition.com/1x1.gif

68 B
103 B

150ms
43ms

Script
image/gif

217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 293c77c6050e6d5b873a388ca5533ee4aedfb9c7a44d25fd89e22bb38cb44f86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 02:54:24 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://imagesrv.adition.com/1x1.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_banner Show response
dspcluster.adfarm1.adition.com/ Frame EC50 3 KB
2 KB 149ms
45ms Script
text/javascript 85.114.159.67
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://dspcluster.adfarm1.adition.com/show_banner?wpt=J&cuid=3984447&cid=6225985&bid=19071470&auction=114/-86/-75/8/-3/-118/116/49/67/122/89/110/-105/-76/-45/8&ts=329205463&bidid=7315246976390746511&p[isGdprCompliant:1,country:de,isFirstPrice:1,postalCode:70469,trafficType:2,isUserUnknown:1,bidId:7315246976390746511,advertiserId:128654,ssp:2,referrer:aHR0cHM6Ly93d3cueGdjYXJ0b29uLmNvbS9kZXRhaWwvZ3Vhbmd6aGltZWlzaGFvbnZfZGkxMmppZ29wcmluY2Vzc2d1YW5nemhpbWVpc2hhb252cml5dS1kb25ndGFuZ3F1YW4,isWifi:1,adSlotId:948107268,supplyId:10096,domain:xgcartoon.com,isAmpPage:1,networkId:3284,auctionType:1]&adhost=ad-dsp51&userid=&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTEK2XvqEZcX4N6bP1PIPqv6_uAeQ5vLObZqXosfzAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLHKFaU1niyPuACAKgDAcgDAqoExwJP0FvLpG_yRpag_8q9dxLfHRIR5va0HGRtcF2bECdsQEKBxlGsGSwH0zaQYf6xVnG-VTgirDzJoKyuaLtWF4MIXPutTz-Ojh3M1_vJra8CjDr9OWXLmFCENkkgoY2reGdM5N0HVPKmhDSE7QMNnmAjKZOOuS59L4NeDHPhxW677L7bgMFK1JbKZ6fuSEbQelWxg5fZpiMK1jHkCgLqCr3p1bFxSN01iehCmEPOoLpx5Q_vVayhOkVMtfHSSNfxBvjJesFCqAB8NounWtWmZpcVqqTFfl4Mdggis8JlZXRUHLBVkSuQv25AL0mAiRW0Ld0_KkvncMH18BQfCNPaqQnzCDWgBPe85Gtgv2LIJo2OtVWgE9gFCKgnzHSAFacR8vm0IXrVnNZUWADRryatzaNAv5YGBYgkhWo1kgrfBwiM5nYKujQTU8rgBAGABvvwsuXBhfH_sAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjf7CqoWigwP6CwIIAYAMAeINEwicq8OqhaKDAxWmJ1UIHSr_D3fQFQGAFwE%26num%3D1%26sig%3DAOD64_1_pfva46l98HyLC1_DCRhPoxMh0Q%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by: Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.114.159.67 Loerrach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: dspcluster.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: ff4668b4b46ded69f5e105279647a0c7d41e331c824b193ff1d2825b9907f9d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 03:54:24 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EC50 3 KB
1 KB 180ms
101ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 13:10:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EC50 20 KB
8 KB 171ms
92ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 09:13:30 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EC50 24 KB
6 KB 154ms
75ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 237374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC50 203 KB
64 KB 255ms
176ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2

200

1x1.gif Show response
imagesrv.adition.com/ Frame C975
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?userid=&ssp=2&gdpr_consent=VM=TRUE_DV=FALSE
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxNTI0Njk4NDk4MTQ0NDc2Mw%3D%3D
https://imagesrv.adition.com/1x1.gif

68 B
178 B

149ms
43ms

Script
image/gif

217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 293c77c6050e6d5b873a388ca5533ee4aedfb9c7a44d25fd89e22bb38cb44f86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 02:54:24 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://imagesrv.adition.com/1x1.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_banner Show response
dspcluster.adfarm1.adition.com/ Frame C975 3 KB
2 KB 142ms
45ms Script
text/javascript 85.114.159.67
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://dspcluster.adfarm1.adition.com/show_banner?wpt=J&cuid=3984447&cid=6225985&bid=19071469&auction=-12/77/-116/88/-6/-58/-93/29/-8/122/44/-32/-74/43/-123/-45&ts=1508157854&bidid=7315246976390565010&p[isGdprCompliant:1,country:de,isFirstPrice:1,postalCode:70469,trafficType:2,isUserUnknown:1,bidId:7315246976390565010,advertiserId:128654,ssp:2,referrer:aHR0cHM6Ly93d3cueGdjYXJ0b29uLmNvbS9kZXRhaWwvZ3Vhbmd6aGltZWlzaGFvbnZfZGkxMmppZ29wcmluY2Vzc2d1YW5nemhpbWVpc2hhb252cml5dS1kb25ndGFuZ3F1YW4,isWifi:1,adSlotId:132656383,supplyId:10096,domain:xgcartoon.com,isAmpPage:1,networkId:3284,auctionType:1]&adhost=ad-dsp48&userid=&clickurl=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwsp4XvqEZZCmG4-K1PIPl8ilmAGQ5vLObZqXosfzAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI4p2-uDniyPuACAKgDAcgDAqoExwJP0OD64Yi_v4xoRCsGW2n8tD1uz_iV2q3Jad86DRzEBIyYY08iqQkwM3zECD96nOirsWsRUpsNLZpp7LyMjLbw051dUH4Kpy_v6i_8nhumzcyolLnw0GYGt2R3WVWe0PgIcpfrbmdWqon18fjmCxgu8kVevO9lqYJyfItz6SNd3jeDfg4Rhj9KyIqIn6rqavTo_37jI6MG7eL926L0n1B3BtRMe9jUCxtJyB9JuksW_4nZWovPhsRR0kO8yz0bs9UjM5pbPm2GQS9__DPRLgedq9omHsSxeBXdBkcXkV6HNHG515TXZ4CmkXVNCoCfpTq5-myseGBpoq6YR14UtmaEeGjkKbItp_CtNPEy4gKtPW9nVCX8aq7XZIgNQ1vWxqaDl1abYUVUYZdWuB2Pk_U-rY1aOo-PSPkg9CUUnp7-3zCkwo70kKXgBAGABsqZoMi6hpf8JKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljG5cKqhaKDA_oLAggBgAwB4g0TCMyOw6qFooMDFQ8FVQgdF2QJE9AVAYAXAQ%26num%3D1%26sig%3DAOD64_1BdD698ULNDkfB-QlZjQ7g2vaEOA%26client%3Dca-pub-5884294479391638%26adurl%3D
Requested by: Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.114.159.67 Loerrach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: dspcluster.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 362d7d4efa2a8e7abdd16b9164e7f83633a72844408450ab55fe3071c07f9c03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 03:54:24 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C975 3 KB
1 KB 171ms
98ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 13:10:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C975 20 KB
9 KB 153ms
80ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 09:13:30 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C975 24 KB
6 KB 121ms
48ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 237374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C975 203 KB
64 KB 220ms
148ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2F00 24 KB
6 KB 152ms
86ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 237374
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 2F00 25 KB
10 KB 169ms
116ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 7950335512591570027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F00 203 KB
64 KB 206ms
140ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4AE9 0
463 B 78ms
77ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulM-s-rNHBrBKs4OTCZa1T0xw292aGwWpAnd7FwTN0pCkYr-wZVTz83knxnB2EVoXAzYVGX1avSX3JC2DzMOpwE6f219Y3mg4Nm0wVg6Ore6g7wmjsNUyDMQAR7Ng5Fc5qLC7F72ECE6-JwugBu0fn87OEWy3kMNuXpAqHKzIRzrnw0MX0o0-gHv20o3El6KOoXRY1VOQQnFMlkMJhrmbwEckHRtk6daeiFZZXkHSPxS6fFNBRgh5OvSbwJrJv2M1R-k96E1GG6lSbhHQTXFHcytRDxLROtuoiwdkDffArQgaWB2mZXY4SFlN7L-9FR7O6cVCPafSXF6qeTOCpg6OhYGVuqE7k4oGP8e7VMNhTn_61PAeFmXLb1w3lK7TmLGdG87qnG2Gw_241sgVAsQ&sai=AMfl-YS9QBwJuLhLot4CQH8UcKaqXHcmktRRXBXeA7PS7ZufMe7VwPlw5Kl_KoovQQAcqDJY3jrvT3T5Yc9FBac&sig=Cg0ArKJSzEoGmF83mXP0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CCE6 0
293 B 80ms
79ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstShSXIsIWKoLMgT0Us4v6NYt47cORNc61J0A-3wll-s00XbQu2z9jLQM7xu-S7fs4z3-FqO9_PvWWurlyvcZQNoYfCKjM8DGUB3MA0ZGW-x72R-73jLwo4TEIxo0QnZ6r0PpNYUNc9CVCyi5KbKh6Yz32udGrXSrcTWEerWS1N0NurfrSS76aUgRRY9rs2StCSdxSb3ob7FFouVwh7QpULnFTfU9DjaE2PWLw-ag8YqTJUqduyueVL3JcSg4ktWpyQjkor0LcH3nUeiy5rcsmkvXOuKDE0E2Z2Nu-YlSc7r_7fJCcvZpcKK46T2xHS6aS8KigIIUHe06pRq24KEBghg2R2MV65hYRlW0luC1f-MoyYchOFJIQmCYuelBeKfpsnGd_nw9ItsfK1iA8Reg&sai=AMfl-YQ-OI9gYhNr2B3yKravMIJ1HHkVP2UZ5v2C8llJSpmErI8lNJ0EXB2YhtGAUZv8LXu8j7rKL3K2CBmyKt0&sig=Cg0ArKJSzOiFMJrAQo9tEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4AE9 145 KB
50 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19a08b09f1fba87ded2b0c479fac3cd05aa481c8703a29590aebf31ff7c4b16e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51251
x-xss-protection: 0
server: cafe
etag: 17630565378701028586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2F00 0
293 B 79ms
79ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuo-hyjWqe8MdDRVwysd6bNJwSEC5K27pBPWuqhwdHhDoOI8N_OGJqUniiEHHZT_XZKynNzDA3_KuxjivdasunbBd21kKPDjhFb4K-ptDpfPrRWA04ePHqJGWFPAEkbSVNCzX5DWl7X6IAqT0zOLWl-nSnNz1kXQC6g7JzsrcpENBHsw3ma0Sf04HnwZDKQXYbu6haVLBnR0qSWUncviht_m88CvkvA-3HrKtKBuw7qnpDCbfUqEQaAXnyqjEIKK5UTfEFf5iDQbKxGPpD-0cfUA2ccloLFCbdGYDPASSWU_kh7KfRNk_kaj_LqjLLKgsieYnYbsEjzDhVWm9AhrOq9mTP62Lg_IA-it19WlHUfKigReJF6IveGElASul1d3vLyfl0RdWO2pG6GOAJ0gg&sai=AMfl-YRKQHWJtI6WDRlKiXC-6PKJeyI7BpLN0mbTfVi0avgYyN5oM9YxK0FY0E4VfBFDNGlzeeDRyB1HZKBCWZQ&sig=Cg0ArKJSzBzEq1o9ktZHEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2F00 145 KB
50 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cab518d71ed7b450b7c83f3ceffcd17f4fbc2b40916d88b016baa277a6b94dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51251
x-xss-protection: 0
server: cafe
etag: 4620256259043762323
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
DATA 200
OK truncated
/ Frame 4AE9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9cd13c76220a76e98fa526ef274e04c74830901e5cc8eaca803cd4c8ff17178

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CCE6 145 KB
50 KB 96ms
94ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58d77df73010ae57c1f0f3c873844964f92c7f70120b00d725f66ca8f8ae9cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51248
x-xss-protection: 0
server: cafe
etag: 17254744557888389686
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 4AE9 399 KB
135 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cc4300a9fffaf77f0abe572bc905ccd085437d5f6511057f2078caecace10ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137955
x-xss-protection: 0
server: cafe
etag: 16351662608342944986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame B3A0 9 KB
4 KB 146ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Thu, 04 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AE9 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&host_v=false&frequency=0.01&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CCE6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7493a7c48c602e4ce573f3f5ddb03736ed23af2f1cc182948dc37ba7b5b9c0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2F00 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef6465336b565dbdd8b06a7e6c1ceada445cbeedbc2e9b4d5fea58ec154633a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 2F00 399 KB
135 KB 136ms
136ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733f3312d0a6ea385c56131985cad375dd697cfb4a810621a33269e67ea2ede3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137959
x-xss-protection: 0
server: cafe
etag: 6598756706873975757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame CCE6 399 KB
135 KB 152ms
151ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137955
x-xss-protection: 0
server: cafe
etag: 8860941966186872456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 000002759962.jpeg
imagesrv.adition.com/banners/3284/files/00/2a/1d/1a/ Frame C975 31 KB
31 KB 86ms
85ms Image
image/jpeg 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3284/files/00/2a/1d/1a/000002759962.jpeg
Requested by: Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 4d1c3afbe864e51bf70e7ae493a7d5ee1670309ec2675b0e5ed9cbdcb922cdcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 02:54:24 GMT
last-modified: Fri, 24 Nov 2023 15:46:26 GMT
accept-ranges: bytes
etag: "3722191857"
content-length: 31340
content-type: image/jpeg

GET
H2 200 000002759961.jpeg
imagesrv.adition.com/banners/3284/files/00/2a/1d/19/ Frame EC50 104 KB
104 KB 106ms
105ms Image
image/jpeg 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3284/files/00/2a/1d/19/000002759961.jpeg
Requested by: Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 95c16229b4093d6c3072a6d73fbdd307b44c240500ef2fa6b2db7d11901d51f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 02:54:24 GMT
last-modified: Fri, 24 Nov 2023 15:45:28 GMT
accept-ranges: bytes
etag: "1298101733"
content-length: 106129
content-type: image/jpeg

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C975 0
0 83ms
82ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C49kYXvqEZZCmG4-K1PIPl8ilmAGQ5vLObZqXosfzAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI4p2-uDniyPuACAKgDAcgDAqoExAJP0OD64Yi_v4xoRCsGW2n8tD1uz_iV2q3Jad86DRzEBIyYY08iqQkwM3zECD96nOirsWsRUpsNLZpp7LyMjLbw051dUH4Kpy_v6i_8nhumzcyolLnw0GYGt2R3WVWe0PgIcpfrbmdWqon18fjmCxgu8kVevO9lqYJyfItz6SNd3jeDfg4Rhj9KyIqIn6rqavTo_37jI6MG7eL926L0n1B3BtRMe9jUCxtJyB9JuksW_4nZWovPhsRR0kO8yz0bs9UjM5pbPm2GQS9__DPRLgedq9omHsSxeBXdBkcXkV6HNHG515TXZ4CmkXVNCoCfpTq5-myseGBpoq6YR14UtmaEeGjkKbItp_CtNPEy4gKtPW9nVCX8aq7XZIgNQ1vWhKSiBdQK-Af5-M_TDxA0DM8dpyBQFJcV1lYtT7CDt7LmX4QlgCPgBAGABsqZoMi6hpf8JKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOljG5cKqhaKDA4AKA_oLAggBgAwB4g0TCMyOw6qFooMDFQ8FVQgdF2QJE9AVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=2nT0HvqBxZA&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf_iZjfDxzjPZhxKrTgHnYJO2C2U4Av7RgB&cbvp=2&vis=1
Requested by: Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.1 200
OK /
dsp.active-agent.com/reporting/ Frame C975 43 B
256 B 153ms
43ms Image
image/gif 85.114.159.66
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.active-agent.com/reporting/?winningPrice=ZYT6XgAG0xAIVQUPAAlkF23xI8KRFmdqwqZJIA&bannerId=19071469&campaignId=6225985&auctionId=-12/77/-116/88/-6/-58/-93/29/-8/122/44/-32/-74/43/-123/-45&impressionId=1&ssp=2&xr=0.99&xc=978cff8f7561120dd300593612811b3045368aa8&contentUnitId=3984447&bid=7315246976390565010&cbvp=2
Requested by: Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.114.159.66 Loerrach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: dsp.active-agent.com
Software: nginx /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 22 Dec 2023 02:54:24 GMT
Access-Control-Allow-Credentials: false
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9868 39 KB
16 KB 267ms
266ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664159&bpp=163&bdt=208&idt=395&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=951253811&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079979%2C31080103%2C42532599%2C44809005%2C95320869%2C95320884&oid=2&pvsid=3117365693374568&tmod=1040047305&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.aobx6eb24a80&fsb=1&dtd=405

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4eb454ca1005c72043e4b1f8196fcef86740068a2cd7fbf8a8e4a9ae74e81db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16267
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EC50 0
0 83ms
82ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAbSAXvqEZcX4N6bP1PIPqv6_uAeQ5vLObZqXosfzAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQLHKFaU1niyPuACAKgDAcgDAqoExAJP0FvLpG_yRpag_8q9dxLfHRIR5va0HGRtcF2bECdsQEKBxlGsGSwH0zaQYf6xVnG-VTgirDzJoKyuaLtWF4MIXPutTz-Ojh3M1_vJra8CjDr9OWXLmFCENkkgoY2reGdM5N0HVPKmhDSE7QMNnmAjKZOOuS59L4NeDHPhxW677L7bgMFK1JbKZ6fuSEbQelWxg5fZpiMK1jHkCgLqCr3p1bFxSN01iehCmEPOoLpx5Q_vVayhOkVMtfHSSNfxBvjJesFCqAB8NounWtWmZpcVqqTFfl4Mdggis8JlZXRUHLBVkSuQv25AL0mAiRW0Ld0_KkvncMH18BQfCNPaqQnzCDWgBPe85Gtgv2LIJo2OtVWgE9gFCKgnzHSAFacRsPuVs_hEBZT5wVhUGCsWUpljtTsMK5C-G8U4KZ9ILiSUZsKL-JngBAGABvvwsuXBhfH_sAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjf7CqoWigwOACgP6CwIIAYAMAeINEwicq8OqhaKDAxWmJ1UIHSr_D3fQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=bSIMnextQ5Y&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf_QIwl7OtXFg09cPyR-zXZIPKF8YcMUBgB&cbvp=2&vis=1
Requested by: Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.1 200
OK /
dsp.active-agent.com/reporting/ Frame EC50 43 B
256 B 113ms
44ms Image
image/gif 85.114.159.66
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.active-agent.com/reporting/?winningPrice=ZYT6XgAN_EUIVSemAA__Krpnor8LsUhpkd21CQ&bannerId=19071470&campaignId=6225985&auctionId=114/-86/-75/8/-3/-118/116/49/67/122/89/110/-105/-76/-45/8&impressionId=1&ssp=2&xr=0.99&xc=978cff8f7561120dd300593612811b3045368aa8&contentUnitId=3984447&bid=7315246976390746511&cbvp=2
Requested by: Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.114.159.66 Loerrach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: dsp.active-agent.com
Software: nginx /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 22 Dec 2023 02:54:24 GMT
Access-Control-Allow-Credentials: false
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AE9 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=2&sig=1&tms=200&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706

Requested by

Host: 3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 43E8 39 KB
16 KB 230ms
230ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9c3bb28a6e6eab6fa5de75a854147165a0c7bd7e872387183ed079646e3f22b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16557
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 532E 38 KB
16 KB 219ms
219ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664221&bpp=153&bdt=273&idt=465&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=951579278&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532524%2C44795921%2C95320884&oid=2&pvsid=414464868954654&tmod=1465507687&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.a5ruky4zylrd&fsb=1&dtd=475

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9c679b12158e52c9347a6357a3b758839aa2eade1b287c196da02edf772d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16348
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame A89F 2 KB
1 KB 168ms
64ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h02ce4efd19e63gkf5ckd42074q8wdtb1nzq0kw2e3yp8d9j5hcvd8ecetabekbrt8ypc377ha0e56jf9dhap1e7n5qwqszc99rc9bc8bskn6v15a1a05rr32t645evhyg7q5v4tdrb2etak366q0acy7bxabje075gmpchnpxbvvx2p3eh3jyrggw9jdvyva425hsbanc734f247rsv0dzpgt6cj33sxs74q1vphfp35d7m17g9nhn7vqrj6vzw390j1pgsjvqadtn7ze9b51jvasfrsrv1k96keyr6q8fam16bytgbsh409wt30njr6vpcj37djtye5q6dsytbsk5gr5te0jmg42ttwwm3pq234vcn19mhcbkf5ajtpc9avxn9683mxabwwxwb179nz1znsppa6zv6a39t38n8sncpxzvebyt1g7jk4012yp71pa77yx7&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664159&bpp=163&bdt=208&idt=395&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=951253811&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079979%2C31080103%2C42532599%2C44809005%2C95320869%2C95320884&oid=2&pvsid=3117365693374568&tmod=1040047305&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.aobx6eb24a80&fsb=1&dtd=405

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0267ff9e8e76422602cbafb9535cce4d7da459634ad7fa463c6b9c75cc6de34

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8395147e1b893a64-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9868 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 13:10:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FB48 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Fri, 22 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9868 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 09:13:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9868 0
0 137ms
49ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTo-B__fCn6L_olecRwp10MOguHODyUrHL08gjvONaR8iwbGmwsw-SJX_N9Z5igkByzStgaEyZ3oO9yLoMcNX3ABzTYzA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664159&bpp=163&bdt=208&idt=395&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=951253811&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079979%2C31080103%2C42532599%2C44809005%2C95320869%2C95320884&oid=2&pvsid=3117365693374568&tmod=1040047305&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.aobx6eb24a80&fsb=1&dtd=405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9868 203 KB
64 KB 129ms
128ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame BDC1 2 KB
1 KB 149ms
66ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gcpdemthc50j68xgc24gmj7jd8f0nc1ns56y4b0c0zynkt849mey93jrca728t52r5g1g9vegq77zx57yswgzpwmy2sngvsca27bgv5dnqjvsptbqme1bsz296pfwzwqtm3mga7h9e4gewnwsy5dtrm3pw9hhpphkb3rb2t36z4a396pbscxqs9c2r3h2y3s6v4a4egztgtwxxtn0rpwhebw71jgjthzcark4ynz0v4cx0ddtmtcn2zr07cb9hfa5ebg9hn3q73q3937670z242grgh32w66prk5y0j9wgc64jwb90ecw8yfrxnyea0gvkrbrwrw2jex09py4x7e1wbsckggjp98cstwepn6p3jgast4mfyr8sm58x9xcybvjzcxr8tgbwagwydf0069cnz9ae87kc55ps3vj7sm7tw3hbx018ggmsagw0jhj4vz4kay1vt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e56a2057a66a746d21671d7610be971886c8b179de9249f01d90b6709f29c91

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8395147e1b8b3a64-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:25 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 43E8 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 13:10:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 552E 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Fri, 22 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 43E8 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 09:13:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 43E8 0
0 117ms
50ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1MTBEEDUPaQ7uNBdV55QGH76FrAUdlsk4ZVwuEaKN3OpGDxmLXLEuuxeCZb-jNvf7nj_OXgb6ITqM1Ryw8G6hbNUWVQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43E8 203 KB
64 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
DATA 200
OK truncated
/ Frame 9868 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9afa63af9964d85659ddd2f43fc165552d9519afb064c00a824e4c883aa9bb01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame FB48 70 B
149 B 175ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHFcNR6lRZ82G4HBeqv_1o0&google_cver=1&google_push=AXcoOmQqdqcOXt6QMZVP23ZBHGaI4ItnMe9ueDdK8rHyR568z6C3rKmVZq6-3DUwG4qHkIcp6vt1gsZ7QhiF5X23-ZgQZ4a6DW9j
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664159&bpp=163&bdt=208&idt=395&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=951253811&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079979%2C31080103%2C42532599%2C44809005%2C95320869%2C95320884&oid=2&pvsid=3117365693374568&tmod=1040047305&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.aobx6eb24a80&fsb=1&dtd=405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame FB48 43 B
146 B 136ms
40ms Image
image/gif 18.185.219.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ3b9xRXWTz5jMn8iSeg0Vc&google_cver=1&google_push=AXcoOmSu2ZrJkxAh9xgbrSwOtYNV1o4fiVc0WDWXOxEJGPWn2JY9T0XB1ioK2_9I9tdm6r13SoP7T-kAjjw2M100QUmEk_n7UF3N
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664159&bpp=163&bdt=208&idt=395&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=951253811&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079979%2C31080103%2C42532599%2C44809005%2C95320869%2C95320884&oid=2&pvsid=3117365693374568&tmod=1040047305&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.aobx6eb24a80&fsb=1&dtd=405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.219.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-219-207.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FB48
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE99Lm_jLXYGgQGlywLMCuw&google_cver=1&google_push=AXcoOmRaNXtez5wLmQMpLExue69a1cJfOq5Jck3r-wXSlR1dIvXtEkOpuYTWv5M-xajc7t9OmOiHiJJC3J5cSIBjz1A47He...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRaNXtez5wLmQMpLExue69a1cJfOq5Jck3r-wXSlR1dIvXtEkOpuYTWv5M-xajc7t9OmOiHiJJC3J5cSIBjz1A47HezthRG&google_hm=eS1WQjBIWjY1RTJwRzBuTz...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRaNXtez5wLmQMpLExue69a1cJfOq5Jck3r-wXSlR1dIvXtEkOpuYTWv5M-xajc7t9OmOiHiJJC3J5cSIBjz1A47HezthRG&google_hm=eS1WQjBIWjY1RTJwRzBuTzVOYlAyN096SU42UVBvQWpHLn5B

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 22 Dec 2023 02:54:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRaNXtez5wLmQMpLExue69a1cJfOq5Jck3r-wXSlR1dIvXtEkOpuYTWv5M-xajc7t9OmOiHiJJC3J5cSIBjz1A47HezthRG&google_hm=eS1WQjBIWjY1RTJwRzBuTzVOYlAyN096SU42UVBvQWpHLn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FB48
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEATZP8UfqDJL0JfjiGP_3Fo&google_cver=1&google_push=AXcoOmSCOJZr4EOQvOGpWPELmL-yzy4QHcJOj9IEgZgK5O_Vf4-9WOHy1g_C_z0xCM4zZwFDhvXM65QU...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEATZP8UfqDJL0JfjiGP_3Fo&google_cver=1&google_push=AXcoOmSCOJZr4EOQvOGpWPELmL-yzy4QHcJOj9IEgZgK5O_Vf4-9WOHy1g_C_z0xCM4zZwFDhvX...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAxODc5ODc0ODQyNjcxOTU0MQ&google_push=AXcoOmSCOJZr4EOQvOGpWPELmL-yzy4QHcJOj9IEgZgK5O_Vf4-9WOHy1g_C_z0xCM4zZwFDhvXM65...

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAxODc5ODc0ODQyNjcxOTU0MQ&google_push=AXcoOmSCOJZr4EOQvOGpWPELmL-yzy4QHcJOj9IEgZgK5O_Vf4-9WOHy1g_C_z0xCM4zZwFDhvXM65QUWZ1cAQ0fqN_2Qr87Vbt_

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAxODc5ODc0ODQyNjcxOTU0MQ&google_push=AXcoOmSCOJZr4EOQvOGpWPELmL-yzy4QHcJOj9IEgZgK5O_Vf4-9WOHy1g_C_z0xCM4zZwFDhvXM65QUWZ1cAQ0fqN_2Qr87Vbt_
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FB48
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGNEBbb1DPedfCKCZSe2qdw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGNEBbb1DPedfCKCZSe2qdw&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGNEBbb1DPedfCKCZSe2qdw&google_hm=ZYT6YUGY1yf_pRRGZPLVUgAABJIAAAAB&google_nid=index&google_push=AXcoOmQLRWbRqG8TkddUPWMZKc5hyNltdAxyN...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGNEBbb1DPedfCKCZSe2qdw&google_hm=ZYT6YUGY1yf_pRRGZPLVUgAABJIAAAAB&google_nid=index&google_push=AXcoOmQLRWbRqG8TkddUPWMZKc5hyNltdAxyN04IntPjGWL4IebcqfhTGbH-9utt60SzdiWJi30AApDfDcUQYi8YIvIkF8eNTtQ

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlbW4aqHnja01sU7qJNr4tdzdhuqrlFswwOPitqgXQ5fXe54yzQwrGIxX3Joq24s%2BXiwmA09W9ObCu0XcPQwRDi4zQ3wBMs09dGQ2RaWuOrrLFJWl2ZZQNmOdyp2z9rxBftkxiZ01TgPfA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGNEBbb1DPedfCKCZSe2qdw&google_hm=ZYT6YUGY1yf_pRRGZPLVUgAABJIAAAAB&google_nid=index&google_push=AXcoOmQLRWbRqG8TkddUPWMZKc5hyNltdAxyN04IntPjGWL4IebcqfhTGbH-9utt60SzdiWJi30AApDfDcUQYi8YIvIkF8eNTtQ
cache-control: no-cache
cf-ray: 8395147e8fbd4534-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FB48
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQitK10JrQMDd6PzVYlfhZRoHgQSAhbHEc2E1FxR9KlJT79dr5Ig8UKamqzLHfyEmxJ5rsXfQLETjml5g79qwvpKVnM932R&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-4b10703a-2423-4e8a-8361-f61d287a3250-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQitK10JrQMDd6PzVYlf...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQitK10JrQMDd6PzVYlfhZRoHgQSAhbHEc2E1FxR9KlJT79dr5Ig8UKamqzLHfyEmxJ5rsXfQLETjml5g79qwvpKVnM932R&google_hm=A0sQcDokI06Kg2H2HSh6MlA

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQitK10JrQMDd6PzVYlfhZRoHgQSAhbHEc2E1FxR9KlJT79dr5Ig8UKamqzLHfyEmxJ5rsXfQLETjml5g79qwvpKVnM932R&google_hm=A0sQcDokI06Kg2H2HSh6MlA

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQitK10JrQMDd6PzVYlfhZRoHgQSAhbHEc2E1FxR9KlJT79dr5Ig8UKamqzLHfyEmxJ5rsXfQLETjml5g79qwvpKVnM932R&google_hm=A0sQcDokI06Kg2H2HSh6MlA
date: Fri, 22 Dec 2023 02:54:25 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX4b10703a24234e8a8361f61d287a3250003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FB48
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEEDfAI9EnD9Hv3CVnqwXqDU&google_cver=1&google_push=AXcoOmRApqyFdesyF...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEEDfAI9EnD9Hv3CVnqwXqDU%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODA4OTE0NTQwNDYzODc2NDI3Nw%3D%3D&google_gid=CAESEEDfAI9EnD9Hv3CVnqwXqDU&google_cver=1&google_push=AXcoOmRApqyFdesyFubeY7fV_B2p0w2oO0...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODA4OTE0NTQwNDYzODc2NDI3Nw%3D%3D&google_gid=CAESEEDfAI9EnD9Hv3CVnqwXqDU&google_cver=1&google_push=AXcoOmRApqyFdesyFubeY7fV_B2p0w2oO0Pq_UamrDENOaahOZCgDBrqL0ig1AUcAhi78qRqlKVEuSnjJlZn01tTbaevSSg09uRibQ

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
an-x-request-uuid: 5ca2d29f-74d3-4f17-8ed3-7988f60e2db7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODA4OTE0NTQwNDYzODc2NDI3Nw%3D%3D&google_gid=CAESEEDfAI9EnD9Hv3CVnqwXqDU&google_cver=1&google_push=AXcoOmRApqyFdesyFubeY7fV_B2p0w2oO0Pq_UamrDENOaahOZCgDBrqL0ig1AUcAhi78qRqlKVEuSnjJlZn01tTbaevSSg09uRibQ
x-proxy-origin: 80.255.7.104; 80.255.7.104; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FB48 0
59 B 49ms
48ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_oHRbJ8c7lZ7XbzgVocrTg7NaqpYm7ZtQRCJBxy-UKFXdmjGdIYlY0GHZZ61A1ZJ00F3B9g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 532E 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664221&bpp=153&bdt=273&idt=465&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=951579278&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532524%2C44795921%2C95320884&oid=2&pvsid=414464868954654&tmod=1465507687&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.a5ruky4zylrd&fsb=1&dtd=475

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 13:10:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 532E 20 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 09:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63654
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 09:13:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 532E 0
0 68ms
49ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgLfkL6iwyjbczzdWUBma8AU0Auck_bfprdhHJ-p5np4Pd0x28KQgpCDhWTSnskFgsSX5VGUkzmAR_a7_TCtCxJGir5A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664221&bpp=153&bdt=273&idt=465&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=951579278&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532524%2C44795921%2C95320884&oid=2&pvsid=414464868954654&tmod=1465507687&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.a5ruky4zylrd&fsb=1&dtd=475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 532E 203 KB
64 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 02:54:24 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 552E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEI6MdibU0jduFkaNcVQw1lU&google_cver=1&google_push=AXcoOmS3o9xCp1u6JVDzwe-vnQiwrK1zdkph_kO470XrgDa7iwugbyabOgNLMwuAjEJ0y4VmjgkX630Mf-IA9r7uSbzNoJo_eXV9lA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAwNDQ5ODU1OTcyMDg5MjY2OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI6MdibU0jduFkaNcVQw1lU&google_cver=1

43 B
398 B

79ms
45ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI6MdibU0jduFkaNcVQw1lU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 22 Dec 2023 02:54:24 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEI6MdibU0jduFkaNcVQw1lU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 552E
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEl3NjElDQvPecQ_uZn8sSI&google_cver=1&google_push=AXcoOmTlom-6pOG-p922iS81wjb4Y4g7Km0Srm9FcWWEZUElxrhmzihmPQN_gJyl_QKNUuLc65869Pgn2rFaEdHcbps22QD5PET4S...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEl3NjElDQvPecQ_uZn8sSI&google_cver=1&google_push=AXcoOmTlom-6pOG-p922iS81wjb4Y4g7Km0Srm9FcWWEZUElxrhmzihmPQN_gJyl_QKNUuLc65869Pgn2rFaEdHcbps22QD5PET...

43 B
421 B

207ms
207ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEl3NjElDQvPecQ_uZn8sSI&google_cver=1&google_push=AXcoOmTlom-6pOG-p922iS81wjb4Y4g7Km0Srm9FcWWEZUElxrhmzihmPQN_gJyl_QKNUuLc65869Pgn2rFaEdHcbps22QD5PET4SA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTlom-6pOG-p922iS81wjb4Y4g7Km0Srm9FcWWEZUElxrhmzihmPQN_gJyl_QKNUuLc65869Pgn2rFaEdHcbps22QD5PET4SA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8395147f9e4b9156-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 524
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEl3NjElDQvPecQ_uZn8sSI&google_cver=1&google_push=AXcoOmTlom-6pOG-p922iS81wjb4Y4g7Km0Srm9FcWWEZUElxrhmzihmPQN_gJyl_QKNUuLc65869Pgn2rFaEdHcbps22QD5PET4SA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTlom-6pOG-p922iS81wjb4Y4g7Km0Srm9FcWWEZUElxrhmzihmPQN_gJyl_QKNUuLc65869Pgn2rFaEdHcbps22QD5PET4SA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8395147e6dcc9156-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 552E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGdzuqpyPNVP64PlFBrfUzo&google_cver=1&google_push=AXcoOmQx5T68YSdWbCbUkofD1cs3jdZuFAf-tOOk8ki86lrxEffwH6P5MbfatlsBbkfBRBVXVLL031F_irO6oMsOng6otFIRw3F5Aw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3B073E3DAC74A1D9CF0A12F1082AC36&google_push=AXcoOmQx5T68YSdWbCbUkofD1cs3jdZuFAf-tOOk8ki86lrxEffwH6P5MbfatlsBbkfBRBVXVLL031F_irO6oMs...

170 B
188 B

50ms
50ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3B073E3DAC74A1D9CF0A12F1082AC36&google_push=AXcoOmQx5T68YSdWbCbUkofD1cs3jdZuFAf-tOOk8ki86lrxEffwH6P5MbfatlsBbkfBRBVXVLL031F_irO6oMsOng6otFIRw3F5Aw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 22 Dec 2023 02:54:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C3B073E3DAC74A1D9CF0A12F1082AC36&google_push=AXcoOmQx5T68YSdWbCbUkofD1cs3jdZuFAf-tOOk8ki86lrxEffwH6P5MbfatlsBbkfBRBVXVLL031F_irO6oMsOng6otFIRw3F5Aw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 21 Dec 2023 02:54:25 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 552E 70 B
148 B 157ms
55ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHFcNR6lRZ82G4HBeqv_1o0&google_cver=1&google_push=AXcoOmQnuF0XIxjj9kl4X8BbOlO1vrxBKdDfUnmvB28zCOecRGveOOOzto--p0XWNVs5xVH0HqFJNFNEVCurPZOIWEvcyMaY_w0SPA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 552E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEE99Lm_jLXYGgQGlywLMCuw&google_cver=1&google_push=AXcoOmRn35gxlXLBZPBPO550_dW8D12CQJq3VFIuwOeOGM8R6lG5MpOBk-26nigPeOUG1gAIEfquH7iJBER5ZctDqy6KfMV...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRn35gxlXLBZPBPO550_dW8D12CQJq3VFIuwOeOGM8R6lG5MpOBk-26nigPeOUG1gAIEfquH7iJBER5ZctDqy6KfMVaNDk3&google_hm=eS1Vbjh0Z0twRTJwR1Nmal...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRn35gxlXLBZPBPO550_dW8D12CQJq3VFIuwOeOGM8R6lG5MpOBk-26nigPeOUG1gAIEfquH7iJBER5ZctDqy6KfMVaNDk3&google_hm=eS1Vbjh0Z0twRTJwR1NmaldOaW1DenhsekV4UFhGcEtLWH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 22 Dec 2023 02:54:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRn35gxlXLBZPBPO550_dW8D12CQJq3VFIuwOeOGM8R6lG5MpOBk-26nigPeOUG1gAIEfquH7iJBER5ZctDqy6KfMVaNDk3&google_hm=eS1Vbjh0Z0twRTJwR1NmaldOaW1DenhsekV4UFhGcEtLWH5B
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 552E 0
166 B 148ms
41ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE45YQm0Cdv4wR_Y7SMNPjU&google_cver=1&google_push=AXcoOmQh1AUAunBwiaA1XjzE8kBqiKjeNlwHEYZ5uffzG-U4WcZu0nyA4HQ2vCAy5PHK4Owz7Sm6l1hXeIefLy6Ru2rvrb9LaM5zAg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 22 Dec 2023 02:54:24 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 552E 0
45 B 261ms
38ms Image
text/plain 81.17.55.122
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEP8J6scaCslLOx9xcw700k4&google_cver=1&google_push=AXcoOmQN-qNrBLzwa6YAN6jrNbx-4A_ucz50_H7l4r50yK-Eat50h93cCUDAp_8iBrqCov-iVtE_SF1ZvQi_BhlOQNc7Urx8jZ9-
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.122 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 552E 0
49 B 49ms
48ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JFS3YIIRi11pqi-XGb0Tvt1vOlxjwfMXMaIgxURd0ioH2hu0SfhsClmV5UmzZSji7D6ir4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame FC45 2 KB
3 KB 81ms
61ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jxsqf8z0n4hm922dz2dtvm2m40yz47azd86mxafrmyntrmmj474zykg8gy74nyzxjqdbt25pbaqm4m1j0rwhnr2jpwk2y8n4jzz0axcmq569tmdzgfxwmggrjg4baj30b26qgzzryv0ksy37wmxh9eafqgn1cxpp9hmncadx9rfj5kmscr0gsc02z28x2p2w02jmh9j4vx88jn05w692x6rkvr5hp8a228f7kbjt80sxkrfsnzwzf1kg43b6kesfbxeqawa73vdkmf6ekn90wem3bh7hrm1bh61td5vpkg89whvxj938n33vmr4hb8vxcsdhg58d1mze9nemt78ckbeb1xbagsm7w52h8zaef62wjqj59pm60t5b9tbv4kw8h6ajyw4y251p8j53dzwz06nzd19f0rt1zc5v5ee6y91jzb0wnr358qhe35jjwg1ce25dxwpw8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e69919ed1f9c4370d6b057d29ed0c03ed5ffb06a3d2a392d493a5f5da056873b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8395147e1b8c3a64-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:24 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3855 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Fri, 22 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 43E8 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 991527057c4c620bf47ba162dfcb358e253067b2546112b6e0547d70729baeef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 532E 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0478d8885cc21ba5f73900c13eb666e11c8ab9b5b749836cf55355405ab0e278

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3855
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGdzuqpyPNVP64PlFBrfUzo&google_cver=1&google_push=AXcoOmTYMVga4xPNYPESBO_ICP7HFL1yyj6Ri--18aFGh-E97k65bwG13nN9Q9oXxRSspY_tcjO9MUgYCXQ9-GeVphlYmEQIP085
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26A6CA088824365B534F9EE3D1C6A1A&google_push=AXcoOmTYMVga4xPNYPESBO_ICP7HFL1yyj6Ri--18aFGh-E97k65bwG13nN9Q9oXxRSspY_tcjO9MUgYCXQ9-Ge...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26A6CA088824365B534F9EE3D1C6A1A&google_push=AXcoOmTYMVga4xPNYPESBO_ICP7HFL1yyj6Ri--18aFGh-E97k65bwG13nN9Q9oXxRSspY_tcjO9MUgYCXQ9-GeVphlYmEQIP085

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 22 Dec 2023 02:54:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C26A6CA088824365B534F9EE3D1C6A1A&google_push=AXcoOmTYMVga4xPNYPESBO_ICP7HFL1yyj6Ri--18aFGh-E97k65bwG13nN9Q9oXxRSspY_tcjO9MUgYCXQ9-GeVphlYmEQIP085
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 21 Dec 2023 02:54:25 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 3855 43 B
145 B 55ms
40ms Image
image/gif 18.185.219.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ3b9xRXWTz5jMn8iSeg0Vc&google_cver=1&google_push=AXcoOmRAEwDI2CfOp0BzrQ8T7hTGtkGlFAXYViM2VS5eqSIo0hmvmGrI-xrX6_sxMXbXYKRheXqZ9Pv5-DqG4kkNmlV3dxwrcV6r
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664221&bpp=153&bdt=273&idt=465&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=951579278&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532524%2C44795921%2C95320884&oid=2&pvsid=414464868954654&tmod=1465507687&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.a5ruky4zylrd&fsb=1&dtd=475
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.219.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-219-207.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3855
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEMnYx4G3BVQTdXb5KUvJeYY&google_cver=1&google_push=AXcoOmTHj7CbiMV15lEe_872GazsKz5E5iOvKcYqdMUbLRdtnG0LrshswouRD8l7hrd_Jfx-zZEOBpHK-j6-QEgL1fPpHQ5...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMnYx4G3BVQTdXb5KUvJeYY&google_cver=1&google_push=AXcoOmTHj7CbiMV15lEe_872GazsKz5E5iOvKcYqdMUbLRdtnG0LrshswouRD8l7hrd_Jfx-zZEOBpHK-j6-QEgL1fPpH...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTHj7CbiMV15lEe_872GazsKz5E5iOvKcYqdMUbLRdtnG0LrshswouRD8l7hrd_Jfx-zZEOBpHK-j6-QEgL1fPpHQ5GWoA

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTHj7CbiMV15lEe_872GazsKz5E5iOvKcYqdMUbLRdtnG0LrshswouRD8l7hrd_Jfx-zZEOBpHK-j6-QEgL1fPpHQ5GWoA

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTHj7CbiMV15lEe_872GazsKz5E5iOvKcYqdMUbLRdtnG0LrshswouRD8l7hrd_Jfx-zZEOBpHK-j6-QEgL1fPpHQ5GWoA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3855 43 B
363 B 142ms
42ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQd1_Q-1zurevQAgUmPFen5LvMEd23V-hbKnvX3h2BAIRSbbwfulFtngchMYlc2-HGGxsnY07lRoARHcymccctz3awpVZfa&google_gid=CAESEDsY-KCHEn_6-x6obBvlOkI&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:24 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 229790
expires: Fri, 22 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3855
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEATZP8UfqDJL0JfjiGP_3Fo&google_cver=1&google_push=AXcoOmQH5ARn3zS9gUy272ROZgEeAVVrhwyPvGrh6T9UtHt8L6JKDK2McB1WSIBnGEKf_87Xwc-jBqUM...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEATZP8UfqDJL0JfjiGP_3Fo&google_cver=1&google_push=AXcoOmQH5ARn3zS9gUy272ROZgEeAVVrhwyPvGrh6T9UtHt8L6JKDK2McB1WSIBnGEKf_87Xwc-...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzOTAwMTY1NDczNTQ3Nzg4OA&google_push=AXcoOmQH5ARn3zS9gUy272ROZgEeAVVrhwyPvGrh6T9UtHt8L6JKDK2McB1WSIBnGEKf_87Xwc-jBq...

170 B
188 B

50ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzOTAwMTY1NDczNTQ3Nzg4OA&google_push=AXcoOmQH5ARn3zS9gUy272ROZgEeAVVrhwyPvGrh6T9UtHt8L6JKDK2McB1WSIBnGEKf_87Xwc-jBqUM3ACGVtx4VDgO_oy6dYsH

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzOTAwMTY1NDczNTQ3Nzg4OA&google_push=AXcoOmQH5ARn3zS9gUy272ROZgEeAVVrhwyPvGrh6T9UtHt8L6JKDK2McB1WSIBnGEKf_87Xwc-jBqUM3ACGVtx4VDgO_oy6dYsH
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 ebda
match.360yield.com/match/ Frame 3855 43 B
199 B 169ms
54ms Image
image/gif 54.76.229.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEAtCROxa8EPxcSIxZDTI8MU&google_cver=1&google_push=AXcoOmR-h7QpHJjsn48MXAtwKPzZZB3YQsXEDjTzcnLSdD9XaGNVfUp_8K2arLIbVDfVfToZmILi5n4U8Fu6mZ9qtJftT4zeXYTs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664221&bpp=153&bdt=273&idt=465&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=951579278&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532524%2C44795921%2C95320884&oid=2&pvsid=414464868954654&tmod=1465507687&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.a5ruky4zylrd&fsb=1&dtd=475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.229.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-229-46.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 02:54:25 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3855
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=3c4040df-8d9d-4aec-beb0-1c833ee1ba3a&google_cver=1&google_gid=CAESECI7mNDx2mrXA89xY-W66Gc&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=3c4040df-8d9d-4aec-beb0-1c833ee1ba3a&google_cver=1&google_gid=CAESECI7mNDx2mrXA89xY-W66Gc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSnqs7o78XN-1cK3_KW7wxIK5gpsVCVK5yfBJroQf-Vb3iIysve1mMtr0KBWGW5zfJXFV4egnRICTMrFsuWYDnhUVhIsN49yQ&gdpr=${GDPR}

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=3c4040df-8d9d-4aec-beb0-1c833ee1ba3a&google_cver=1&google_gid=CAESECI7mNDx2mrXA89xY-W66Gc&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSnqs7o78XN-1cK3_KW7wxIK5gpsVCVK5yfBJroQf-Vb3iIysve1mMtr0KBWGW5zfJXFV4egnRICTMrFsuWYDnhUVhIsN49yQ&gdpr=${GDPR}
date: Fri, 22 Dec 2023 02:54:25 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3855 0
12 B 49ms
47ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDjkeSwq_-t7hjfDd_V-id8KUyl-KUGSBL4SeWR0C2lEvO-UsHU5veC5VhO9UVO90it0Kf5w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame FC45 115 KB
14 KB 52ms
50ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jxsqf8z0n4hm922dz2dtvm2m40yz47azd86mxafrmyntrmmj474zykg8gy74nyzxjqdbt25pbaqm4m1j0rwhnr2jpwk2y8n4jzz0axcmq569tmdzgfxwmggrjg4baj30b26qgzzryv0ksy37wmxh9eafqgn1cxpp9hmncadx9rfj5kmscr0gsc02z28x2p2w02jmh9j4vx88jn05w692x6rkvr5hp8a228f7kbjt80sxkrfsnzwzf1kg43b6kesfbxeqawa73vdkmf6ekn90wem3bh7hrm1bh61td5vpkg89whvxj938n33vmr4hb8vxcsdhg58d1mze9nemt78ckbeb1xbagsm7w52h8zaef62wjqj59pm60t5b9tbv4kw8h6ajyw4y251p8j53dzwz06nzd19f0rt1zc5v5ee6y91jzb0wnr358qhe35jjwg1ce25dxwpw8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jxsqf8z0n4hm922dz2dtvm2m40yz47azd86mxafrmyntrmmj474zykg8gy74nyzxjqdbt25pbaqm4m1j0rwhnr2jpwk2y8n4jzz0axcmq569tmdzgfxwmggrjg4baj30b26qgzzryv0ksy37wmxh9eafqgn1cxpp9hmncadx9rfj5kmscr0gsc02z28x2p2w02jmh9j4vx88jn05w692x6rkvr5hp8a228f7kbjt80sxkrfsnzwzf1kg43b6kesfbxeqawa73vdkmf6ekn90wem3bh7hrm1bh61td5vpkg89whvxj938n33vmr4hb8vxcsdhg58d1mze9nemt78ckbeb1xbagsm7w52h8zaef62wjqj59pm60t5b9tbv4kw8h6ajyw4y251p8j53dzwz06nzd19f0rt1zc5v5ee6y91jzb0wnr358qhe35jjwg1ce25dxwpw8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 676381
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpqcEHOBs339N5a77YPfGPy7xp5%2FLQo6OLy8fIB2w%2BWIbZLNtO5MxJqHhwvQipQwKrfqTFHhZgcd0F9053tnOmgMEqfEYFVH5x%2FWYKdVCnY5rAmwIukNxtFz%2FAqoDH9A9EgzkvFAfyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8395147e9bba3a64-FRA
expires: Sat, 23 Dec 2023 02:54:25 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame FC45 24 KB
10 KB 66ms
48ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jxsqf8z0n4hm922dz2dtvm2m40yz47azd86mxafrmyntrmmj474zykg8gy74nyzxjqdbt25pbaqm4m1j0rwhnr2jpwk2y8n4jzz0axcmq569tmdzgfxwmggrjg4baj30b26qgzzryv0ksy37wmxh9eafqgn1cxpp9hmncadx9rfj5kmscr0gsc02z28x2p2w02jmh9j4vx88jn05w692x6rkvr5hp8a228f7kbjt80sxkrfsnzwzf1kg43b6kesfbxeqawa73vdkmf6ekn90wem3bh7hrm1bh61td5vpkg89whvxj938n33vmr4hb8vxcsdhg58d1mze9nemt78ckbeb1xbagsm7w52h8zaef62wjqj59pm60t5b9tbv4kw8h6ajyw4y251p8j53dzwz06nzd19f0rt1zc5v5ee6y91jzb0wnr358qhe35jjwg1ce25dxwpw8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149975
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXF1vtANQYZyANf1YedCFPBo5QYpE9nX1nTsqYBU1Ofml1daTSrPHFDoJiiz8TSvey6TFr4iCCxzizFNVmN4UL7cm%2FYE0j42Rtr7QPt5NN4P%2FON9bjaJW4TgobRaXvYiusOdifo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8395147ebbd13a64-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A89F 115 KB
14 KB 53ms
53ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h02ce4efd19e63gkf5ckd42074q8wdtb1nzq0kw2e3yp8d9j5hcvd8ecetabekbrt8ypc377ha0e56jf9dhap1e7n5qwqszc99rc9bc8bskn6v15a1a05rr32t645evhyg7q5v4tdrb2etak366q0acy7bxabje075gmpchnpxbvvx2p3eh3jyrggw9jdvyva425hsbanc734f247rsv0dzpgt6cj33sxs74q1vphfp35d7m17g9nhn7vqrj6vzw390j1pgsjvqadtn7ze9b51jvasfrsrv1k96keyr6q8fam16bytgbsh409wt30njr6vpcj37djtye5q6dsytbsk5gr5te0jmg42ttwwm3pq234vcn19mhcbkf5ajtpc9avxn9683mxabwwxwb179nz1znsppa6zv6a39t38n8sncpxzvebyt1g7jk4012yp71pa77yx7&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h02ce4efd19e63gkf5ckd42074q8wdtb1nzq0kw2e3yp8d9j5hcvd8ecetabekbrt8ypc377ha0e56jf9dhap1e7n5qwqszc99rc9bc8bskn6v15a1a05rr32t645evhyg7q5v4tdrb2etak366q0acy7bxabje075gmpchnpxbvvx2p3eh3jyrggw9jdvyva425hsbanc734f247rsv0dzpgt6cj33sxs74q1vphfp35d7m17g9nhn7vqrj6vzw390j1pgsjvqadtn7ze9b51jvasfrsrv1k96keyr6q8fam16bytgbsh409wt30njr6vpcj37djtye5q6dsytbsk5gr5te0jmg42ttwwm3pq234vcn19mhcbkf5ajtpc9avxn9683mxabwwxwb179nz1znsppa6zv6a39t38n8sncpxzvebyt1g7jk4012yp71pa77yx7&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781484
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Jf0lYe6rIzHlxwBMLlB9gGjDnrrqveCBIzgfloqc84QvJy1uhpv%2F4OW3HiAqhnR5EYqIp8JY9T2v3xjdSXQRMToF%2Foe%2FuQxkudrlls9fTWkpcG%2Fm4uGuE%2BeWYVdEuy80CbSq4NIAec%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8395147eee9b69a3-FRA
expires: Sat, 23 Dec 2023 02:54:25 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A89F 24 KB
9 KB 49ms
49ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h02ce4efd19e63gkf5ckd42074q8wdtb1nzq0kw2e3yp8d9j5hcvd8ecetabekbrt8ypc377ha0e56jf9dhap1e7n5qwqszc99rc9bc8bskn6v15a1a05rr32t645evhyg7q5v4tdrb2etak366q0acy7bxabje075gmpchnpxbvvx2p3eh3jyrggw9jdvyva425hsbanc734f247rsv0dzpgt6cj33sxs74q1vphfp35d7m17g9nhn7vqrj6vzw390j1pgsjvqadtn7ze9b51jvasfrsrv1k96keyr6q8fam16bytgbsh409wt30njr6vpcj37djtye5q6dsytbsk5gr5te0jmg42ttwwm3pq234vcn19mhcbkf5ajtpc9avxn9683mxabwwxwb179nz1znsppa6zv6a39t38n8sncpxzvebyt1g7jk4012yp71pa77yx7&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149975
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSH4uES59q%2BhzLI%2FJMWlFXamr14D1IoNGUJl9GG5JRbiu0IFQihxxjb%2FgUNW1ehEw8GVmNljDvY%2BbjKsAWvMViP%2FgbDLAn%2BogfoO4rsCBNfKW4g6YYtvSe3EYfMDphNh6TqwN9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8395147eebe93a64-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame BDC1 115 KB
14 KB 87ms
86ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gcpdemthc50j68xgc24gmj7jd8f0nc1ns56y4b0c0zynkt849mey93jrca728t52r5g1g9vegq77zx57yswgzpwmy2sngvsca27bgv5dnqjvsptbqme1bsz296pfwzwqtm3mga7h9e4gewnwsy5dtrm3pw9hhpphkb3rb2t36z4a396pbscxqs9c2r3h2y3s6v4a4egztgtwxxtn0rpwhebw71jgjthzcark4ynz0v4cx0ddtmtcn2zr07cb9hfa5ebg9hn3q73q3937670z242grgh32w66prk5y0j9wgc64jwb90ecw8yfrxnyea0gvkrbrwrw2jex09py4x7e1wbsckggjp98cstwepn6p3jgast4mfyr8sm58x9xcybvjzcxr8tgbwagwydf0069cnz9ae87kc55ps3vj7sm7tw3hbx018ggmsagw0jhj4vz4kay1vt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gcpdemthc50j68xgc24gmj7jd8f0nc1ns56y4b0c0zynkt849mey93jrca728t52r5g1g9vegq77zx57yswgzpwmy2sngvsca27bgv5dnqjvsptbqme1bsz296pfwzwqtm3mga7h9e4gewnwsy5dtrm3pw9hhpphkb3rb2t36z4a396pbscxqs9c2r3h2y3s6v4a4egztgtwxxtn0rpwhebw71jgjthzcark4ynz0v4cx0ddtmtcn2zr07cb9hfa5ebg9hn3q73q3937670z242grgh32w66prk5y0j9wgc64jwb90ecw8yfrxnyea0gvkrbrwrw2jex09py4x7e1wbsckggjp98cstwepn6p3jgast4mfyr8sm58x9xcybvjzcxr8tgbwagwydf0069cnz9ae87kc55ps3vj7sm7tw3hbx018ggmsagw0jhj4vz4kay1vt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781484
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MO3hGxgPXchrXCFU4V7Ds1BfdwAxP1QUIh%2BajFvoa%2BTsm%2B74ZrpmtrJuYxYEmj3qkWk%2Fd%2FB1bYuVZUvKGyMtOGfTPQonjSMA%2F0alDgM%2FdElT%2FpnyAZ5TKBmLP%2BGr1WcEUcBIkr1tW6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 8395147efea369a3-FRA
expires: Sat, 23 Dec 2023 02:54:25 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame BDC1 24 KB
9 KB 48ms
48ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gcpdemthc50j68xgc24gmj7jd8f0nc1ns56y4b0c0zynkt849mey93jrca728t52r5g1g9vegq77zx57yswgzpwmy2sngvsca27bgv5dnqjvsptbqme1bsz296pfwzwqtm3mga7h9e4gewnwsy5dtrm3pw9hhpphkb3rb2t36z4a396pbscxqs9c2r3h2y3s6v4a4egztgtwxxtn0rpwhebw71jgjthzcark4ynz0v4cx0ddtmtcn2zr07cb9hfa5ebg9hn3q73q3937670z242grgh32w66prk5y0j9wgc64jwb90ecw8yfrxnyea0gvkrbrwrw2jex09py4x7e1wbsckggjp98cstwepn6p3jgast4mfyr8sm58x9xcybvjzcxr8tgbwagwydf0069cnz9ae87kc55ps3vj7sm7tw3hbx018ggmsagw0jhj4vz4kay1vt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 149975
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S2aHu9r6%2BvgeatbuIytdHz1gxFR758NO2AASPveK0y6HbnwbuQHO7PXdbHamiAGjPZ6jV4gOFCSi2WNcnPeBexDpEH%2BuVov0DwHIDqwsGlVYBfoOrVsVO1BxeWJJ5O40fjs2ws%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 8395147efbef3a64-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:16:49 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame FC45 350 B
638 B 151ms
50ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1906722
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMpKGy%2FT26nlmMxqSqts3N0ZiUwNFQbQ2jtl9Ih1yYdDL9UXZgPpk6Ry71AsW6VmNLEZtGfHjjNeDp%2BJFfyGKB5Xlc9mx%2BG5RDx%2Bbm0makt5MCoDUSTzRWiFdaTJAlc3Hba4qwNfFrgVmKH86BNkSNjw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8395147fbfca1c7f-FRA
expires: Fri, 29 Nov 2024 01:15:43 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 5C9E 2 KB
1 KB 67ms
67ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1984254
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8395147f1eac69a3-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 22 Dec 2023 02:54:25 GMT
expires: Wed, 29 Nov 2023 04:43:03 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQTXeDGrgcBPxeOMCo4fAsFERmogdXQcHsUJ47UjAfKW1fXgjy8p9fEH9YJZSVypWmE%2B9nqpwd90lvEDw%2FQGe09xqtAXjWXWOVBWj%2Fkgqv4s%2BzWqImV1jSBd4b2yeM72az2ocpI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A89F 350 B
636 B 64ms
49ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1906722
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mphqmrRDTlpUzVWzI9jTL7QSFgf9eYndFHf%2BhBVyVk5YVoDB4CoDQF3pxXcVanS6vc9DqyRSUBEmYUmqussLM9GoM3tdEnpc%2B5xCE7e9t1W%2FkBeCVyX9lvxJI8KmQhTn16CZt1ryXM4uNot1wacgxl4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8395147fbfcc1c7f-FRA
expires: Fri, 29 Nov 2024 01:15:43 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame BDC1 350 B
909 B 64ms
49ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1906722
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5kSji5BWHW4bnykCqNQGeWBjk11yUnU7e4ZdL%2BebezG861G2IH7h2CRtCSl1x5JKQhos9ND1VlAQJPNprj6jnsxPaBhaHJjWGH6ZD7OJWRXh8WiEXFFDKO1%2B2LXw%2BZktKhz8RiKJ7irZGawYKNfNWIO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 8395147fbfcb1c7f-FRA
expires: Fri, 29 Nov 2024 01:15:43 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 399B 2 KB
1 KB 48ms
48ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1984254
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8395147faed569a3-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 22 Dec 2023 02:54:25 GMT
expires: Wed, 29 Nov 2023 04:43:03 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5V30twAxIs%2BLPKvX8hPRjZ1RXMWiYWqmMBgQ464PQ3vKpKvqMPrldpUovjH5gRglxyv9hi49ljiJxP29yj8WoTImcxvkWINAGmu7TR1YlsgCNK9Jy0BQkRaBLxid3jks%2FYxaHbs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 60F6 2 KB
1 KB 49ms
49ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1984254
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 8395147faed669a3-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Fri, 22 Dec 2023 02:54:25 GMT
expires: Wed, 29 Nov 2023 04:43:03 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QF1HzsLzaDMzLDFtahubWnZjWI5QzreEg64EdRBLC32iGSL2EgsbYHWmf1Qkv6gFaD%2Fp%2FNVCWA2nBRJPPsAod9mgCo75euPwdfXBUIERRM%2B5XVslMoWOQZKK1C%2BnLanK2Li%2FQ%2BU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 105ms
62ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8395147fea924d2b-FRA
content-length: 24
content-type: text/plain
date: Fri, 22 Dec 2023 02:54:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKHf4LaPn%2B%2FUSo0w%2FmavmTeNcylgRvKQ1I4M%2BPsCqO93gMleSCoWUUZUwbBQAb%2BxLsDEvsPAo93gAW6NyNlqjqSGD3Ln2JYlWSN%2FUioo7olxVtRhIi1Ah7cgGU%2FPDexkwBHDz6o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-cf45

POST
H3 200 rs Show response
ad4m.at/ Frame FC45 2 KB
2 KB 62ms
62ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69821fdc7af33beced8acdd1e0ee62b20b39b03f045b7c48bdf12e5f78375d50

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSlPLc%2FIrIkQCYbo43wi6BZYsJaT%2F9V6gPK7HRYj%2BYd3AfgJApfrUnohzLKl3KZf%2FIRryHKA9CzjH7EBAdjqqmoq15xyX28FMNDekDItZMGkE6Bzo9GMoqUhxTF2BPIvhd2bRLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 839514804ab94d2b-FRA
x-backend-server: aa-reachservice-group-europe-west1-cf45
alt-svc: h3=":443"; ma=86400

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 43E8 0
19 B 85ms
85ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeoCpYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzAFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnP3iHTxVzPactHTyoOeg44M36CNcOp2V8k3xujV_2QEnWyU--c-iABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=qohUFyAruTU&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_nDx4mjUDtowv_7fi5m8LPaFo0gqtxzgIXr-5omqS4eqO4aBkGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Dec 2023 02:54:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 43E8 0
39 B 149ms
50ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j9q0ejbhsrws6bn87b7s8pmajbb42565f042cj9s1sem2hy1v73gtayv7stdsx7yrm9sjrda7fxqr8essy1nqpwwf2rdh0r8e8xx2nz7dw65kqt76nq0b4jxcxt08awdygrkk2w3gv009m5bge4h0fgwekzyfmns6zvng5vh5kwr9knh1g2e7m1k9rsdt9cw89wf9q7c14y26hs8fd6fhbmrdvkb1x2xa9qfpsk5ngejs0rr7g5x7mrhjer8b9ra23ymcq0cfw5310qbjet202j7b0ne42n2qyn0afk3zspg6ma5397x6m1g5sp3qx84srnx0kqdj3bjjgjr0stb83v9z9e3vsp7s4xd7n3s6kgsdxt7wnp1wmt46zms47c0w3yx4z2nsgnth8&b=ZYT6YAAKAmsHg4CEAAfuAJYL-Tc5fQYbxLr3XA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664118&bpp=173&bdt=186&idt=496&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=473881860&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C42531706%2C95320885&oid=2&pvsid=4062105731340427&tmod=200875256&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.vk1l26qrfar&fsb=1&dtd=506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 02:54:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9868 0
19 B 83ms
83ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRyEJYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzAFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V5kzDm5tqQ2kq4qY5tvnOY-PmRTnhYa7TsKXweRrhgelGSa-RyFhiABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=YdkHX9UcPIE&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_-Yz2udG-24jYez_C_V8aryGHtHh8M5399DqR1PySMKp-MgRBGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664159&bpp=163&bdt=208&idt=395&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=951253811&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079979%2C31080103%2C42532599%2C44809005%2C95320869%2C95320884&oid=2&pvsid=3117365693374568&tmod=1040047305&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.aobx6eb24a80&fsb=1&dtd=405
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Dec 2023 02:54:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9868 0
39 B 148ms
50ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k6gcg8aprhycw46d3q23976rr7rfpfz3f9v2mx7syjkwhqka53xnfzsx532bcpm8cgs7scbf7m8r25n5j6n1cfyxy64nqzd40qjnsm3s7f3zcyd304sjz20f3n555w4byz2kfkg7mvqwss4z06v5g8csvsw2xsk8hme5g4c4cdqhs0ywhq3x5nwkw5kt36ckqm8ec5awg9gt0nxf04j9wdnzxq6x73p3twgvjk38wvabypkmcrvqs6pqt780s06crj6ta0w1djf1kf3h7ep8rjh1sanpe07wd2kvb1wcseevpe3aw4k0j2kkpmgwcjdb7n7fyzfjj6kxw9zgq6hym1na8y3vrm2esfs3tmkmgeq0av2dpvzz7whr6szq13cdenxjd7868ad2wr&b=ZYT6YAAJFBIHg4FjAA9GU0fOr0L2USCrzKFqGQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664159&bpp=163&bdt=208&idt=395&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=951253811&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079979%2C31080103%2C42532599%2C44809005%2C95320869%2C95320884&oid=2&pvsid=3117365693374568&tmod=1040047305&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.aobx6eb24a80&fsb=1&dtd=405
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 02:54:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 532E 0
19 B 84ms
84ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnkUdYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzQFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZdIAqQqbDsgQQUdrn0qnxmvIs1d67u0ROfGmY8V9M4jWsjDhCNSegAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMDgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=WuIBuVakzR0&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_v0cbX0RhZ18s2a2pMp4EK3qIpvJ_tnhKGKq2Y5EE0Nd5oxy-GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664221&bpp=153&bdt=273&idt=465&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=951579278&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532524%2C44795921%2C95320884&oid=2&pvsid=414464868954654&tmod=1465507687&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.a5ruky4zylrd&fsb=1&dtd=475
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Dec 2023 02:54:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 532E 0
103 B 145ms
49ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hzp8c65y75d4cvbxkwz683cf6mrdcaw8mhwz1efet89sjb0kerp1gvvmem5et1hjjm1ecb0jk35r68zfpxr6hpr28mh6r492401jrmh6t9s28a95b3ad109wz7k353edpa18xdjxg3z5n2688vprt1t6vhf7mp6etqgerg7kpm3z98dca3czt9xbbfzrmysxem7jnew9d7v97zjwks4zcpd0ng2v4vxyd2ebkfm6vk7kbdnvjwjaar4ytq5v4y3ccwrqcqzgxkgmhkw8wdf07fbkgh4cecnsprv278nawphapjxt76j4a81xgaq15ege2a7abnd30nv1zthe3nejsnsyvypwdh44dg8myfddft5nszhj7frfzthp73t0saxgc92yybzyj42mag&b=ZYT6YAALF7UHg5JOAAPGTBHWSXGLLJQe9Iothw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703213664221&bpp=153&bdt=273&idt=465&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7464&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=160&ish=0&ifk=951579278&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C42532524%2C44795921%2C95320884&oid=2&pvsid=414464868954654&tmod=1465507687&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.a5ruky4zylrd&fsb=1&dtd=475
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 22 Dec 2023 02:54:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

POST
H3 200 rs Show response
ad4m.at/ Frame A89F 2 KB
2 KB 64ms
61ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 925d479a9efda6360ac4a240166c2f4e74c3d6360444433b6c12ff505189bbfe

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzAILeXscPxxcZlUPakccbDYKV1D4trSScp7dBm4PtlJjSkKhwM9Z5usgN0iD024pacYaAt3Wxse8a16hE2CYU%2F2XN%2BvXd%2BTNHQ2YBjy9P0fFJv%2B4SF6ryapQ5J7vp4J05%2BjH14%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 839514807ac94d2b-FRA
x-backend-server: aa-reachservice-group-europe-west1-cf45
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 59ms
59ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 839514800aa24d2b-FRA
content-length: 24
content-type: text/plain
date: Fri, 22 Dec 2023 02:54:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=flXlzu5%2BGlC0JbzIfEjuydzUuDIjPDPHyG39tzzg7f%2B81%2FOG8%2B3Km8Yi6BfaYdVAf3CVi4tPfAhvfyCJ2WvzWyfFmIwVWYdI9EZEIVXBbwZ4ec3CilzWDNZ755CMXDudYP2d6zc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-cf45

POST
H3 200 rs Show response
ad4m.at/ Frame BDC1 2 KB
2 KB 61ms
60ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be3c6af903c221d812422349dfab92cbda69943b48eea17636db3fc307531282

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rojNXGRnsxbVXgipJ9mg%2BgKq%2BwUNwanCs22R42UtkSqQxuiITkutHp9MM4Q0txyQYH2Pl%2F7rK2wNVbn8%2BywIgXWMi4yRRq96UgRJRHccQ9wHgQkybfvKNcm1UcKsFF69VuKKjnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 839514807acb4d2b-FRA
x-backend-server: aa-reachservice-group-europe-west1-cf45
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 62ms
61ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 839514800aa34d2b-FRA
content-length: 24
content-type: text/plain
date: Fri, 22 Dec 2023 02:54:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FlbCeVWGLoc5EYpnX1r0v10334egLHEw9tFR8H37mxZgnKxZ2GCq3A36UmGnvWukWna8dW%2BDcqbxMG0HI54bVUUE8igydEpDQpUqCeEmU7P6H0m68hfu99MNfWXK%2ByprC5ghOM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-cf45

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame A474 9 KB
4 KB 60ms
60ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0a4289c14676dfc0f0a4e67406c4e3925a4560aafd34c364352307b215dce8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jxsqf8z0n4hm922dz2dtvm2m40yz47azd86mxafrmyntrmmj474zykg8gy74nyzxjqdbt25pbaqm4m1j0rwhnr2jpwk2y8n4jzz0axcmq569tmdzgfxwmggrjg4baj30b26qgzzryv0ksy37wmxh9eafqgn1cxpp9hmncadx9rfj5kmscr0gsc02z28x2p2w02jmh9j4vx88jn05w692x6rkvr5hp8a228f7kbjt80sxkrfsnzwzf1kg43b6kesfbxeqawa73vdkmf6ekn90wem3bh7hrm1bh61td5vpkg89whvxj938n33vmr4hb8vxcsdhg58d1mze9nemt78ckbeb1xbagsm7w52h8zaef62wjqj59pm60t5b9tbv4kw8h6ajyw4y251p8j53dzwz06nzd19f0rt1zc5v5ee6y91jzb0wnr358qhe35jjwg1ce25dxwpw8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83951480bf2269a3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:25 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 88CC 12 KB
5 KB 72ms
71ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3caf8f65729ece5b88a5d80c2ed78cc766a7effba9e2698074fb570496ce8a58

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h02ce4efd19e63gkf5ckd42074q8wdtb1nzq0kw2e3yp8d9j5hcvd8ecetabekbrt8ypc377ha0e56jf9dhap1e7n5qwqszc99rc9bc8bskn6v15a1a05rr32t645evhyg7q5v4tdrb2etak366q0acy7bxabje075gmpchnpxbvvx2p3eh3jyrggw9jdvyva425hsbanc734f247rsv0dzpgt6cj33sxs74q1vphfp35d7m17g9nhn7vqrj6vzw390j1pgsjvqadtn7ze9b51jvasfrsrv1k96keyr6q8fam16bytgbsh409wt30njr6vpcj37djtye5q6dsytbsk5gr5te0jmg42ttwwm3pq234vcn19mhcbkf5ajtpc9avxn9683mxabwwxwb179nz1znsppa6zv6a39t38n8sncpxzvebyt1g7jk4012yp71pa77yx7&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83951480df2969a3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:25 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 66F0 12 KB
5 KB 64ms
64ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96cfbd69a218f70655dcef6405c3fbc4e6c90c41030ec5d38232510697b0404

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gcpdemthc50j68xgc24gmj7jd8f0nc1ns56y4b0c0zynkt849mey93jrca728t52r5g1g9vegq77zx57yswgzpwmy2sngvsca27bgv5dnqjvsptbqme1bsz296pfwzwqtm3mga7h9e4gewnwsy5dtrm3pw9hhpphkb3rb2t36z4a396pbscxqs9c2r3h2y3s6v4a4egztgtwxxtn0rpwhebw71jgjthzcark4ynz0v4cx0ddtmtcn2zr07cb9hfa5ebg9hn3q73q3937670z242grgh32w66prk5y0j9wgc64jwb90ecw8yfrxnyea0gvkrbrwrw2jex09py4x7e1wbsckggjp98cstwepn6p3jgast4mfyr8sm58x9xcybvjzcxr8tgbwagwydf0069cnz9ae87kc55ps3vj7sm7tw3hbx018ggmsagw0jhj4vz4kay1vt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83951480df2a69a3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:25 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A474 115 KB
14 KB 52ms
51ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781484
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLdHH0R0Tk9fcdnq8HB1ujmJm0V1pTTuVCZBZJAaDm5sPwZ0L5uAnjPplvlkx9RdDI5%2Bd3c3nhY6dP1uPGBq2yAM9VPWzCFiE5LL2MrCB9%2Fh0fI1zHrnYDPDZ6QZzYOt6JswG%2BqonRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 839514811f6269a3-FRA
expires: Sat, 23 Dec 2023 02:54:25 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame A474 9 KB
9 KB 107ms
91ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2070237
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6c61BZi9WkkeaVLmzgwyDrgvXyq7IvcNkZsXxBmwkdAYhRIrLhLD03t7P0Vq6Q54Gh75bGzRJSOyTHGZan1PxVyw8aj3lSb2TL1l95XsKQjHVPGwC4WrIIh9nGhMIhrmopW4SBBdUl4jWdr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514813d5f3a64-FRA

GET
H2 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame A474 32 KB
33 KB 66ms
50ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3461522
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 33043
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:07:19 GMT
server: cloudflare
etag: "4248eb804269666620fb86952a326d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2F9FkVFBKa7ZIWBOmfQHLTvjjcKcmefa5Tn2CXa1O8p2PMMl7yFSY6CrOGn%2B9Wxjpn4ESbC5IVMGLfQTXdGuD9S52jfq4kcREEi62HXjouwXSDzcb956v79UdptRRr4fEg1INdGCP8%2FXrHQN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514813d633a64-FRA

GET
H2 200 2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame A474 0
327 B 451ms
310ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame A474 2 KB
2 KB 105ms
91ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 99161
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nv1AoOCntWUPrRSx0RQKWqqo0lD4yXiJY4nlAVubIGFGxwBSYEPJlx8h8sltW4fR%2FvB1HYw5ZSDcr4KrA3WpYES5xhzRFHZNN4aw50fThxkyaKt4qMuKYATuLOJS%2B9%2FGRmNTsJbJR8vWJiQu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514813d623a64-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame A474 23 KB
23 KB 62ms
49ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3270720
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5O4%2FtlXWFOX8cLKE1J8ADltN%2Bm4MDyS1UKpP%2FX8MbVIgaafMT4YPKXsbIA%2FFpNpnXnYFjhYslcHC6YZP4E1NZhAFA%2FBhszk5WHAkNUH1hBk8RHDfjWtZexo6Jir3pmsD%2F5iL%2BD4OU22ZWWvD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514813d613a64-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A474 43 B
702 B 212ms
90ms Image
image/gif 2.23.68.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.23.68.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-68-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 02:54:25 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame A474 9 KB
10 KB 103ms
90ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100818
cf-polished: qual=85, origFmt=jpeg, origSize=13332
alt-svc: h3=":443"; ma=86400
content-length: 9604
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 17:02:02 GMT
server: cloudflare
etag: "23e86ef8ba51d351917574e3e8d33ca5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7wt%2FZcxLh%2BBtQZCDX6jXTcAiSoKjfixxBJRre5JLAeLwednJ0Mf%2BOTrTqn8eRSoBV2dyewSbjqwqTVZv9haT%2BOcGx7j0ss%2BAzIw2AloDKPRQ%2BwfDo01ArDObmjK2XEtSeR24MsauTzxnWbH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514813d653a64-FRA

GET
H2 200 BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
assets.ad4m.at/ Frame A474 28 KB
29 KB 62ms
50ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1983637
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28954
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 07:58:31 GMT
server: cloudflare
etag: "85b2952dc2f72512aefd9f8454909e82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzoLweUzb781krzbQDLrH1qhO65EKUAbPmVRvEkKEP6q26bFxMd2p9bep121p3R7i3%2Fm63a28PZ9dCv14Y3JTte1KPi3GwUXhFhZsVh2QHtnmJJA0oLhvJ3jpMmKyHiltg7jGsOhwcNmcliE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514813d663a64-FRA

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame A474
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKOsjqyFooMDFXCNgwcd2SoP5Q;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703213665_6abaf840-a075-11ee-8661-22610dd0df18

0
549 B

144ms
41ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703213665_6abaf840-a075-11ee-8661-22610dd0df18
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C117569%2C186460&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2Cbk8aQfZf5mB8hYHbHztKtpb1tbSJTMMZHKqQP&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2C3qjcpf4fXjKbH7HrHAtXCpY1tPSWTKKMsg2Y3&c=160&d=600&e=&g=38587e0d836560be13e155290a68adb3%2F15916377107025026543&i=26474%2C29981%2C25174&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665305&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcrg2jgaqp056pg4fhfhhrft35anjy0vfd07x39mwb1y7bvpybxzzbjy98f325v80wwx92nwh06cehn1n9c9nzweqa06g5tn7s619ekpw4my5y7b1q48y1de77pexmntz5sp8d90rtd0ra6rby89rmsdvaqgh1pkzmst8j6xsj3skbpn9gd3c5qpkpb80eb7jjj176yz61vfxpagcpcyfpcg95wyykykf129vwfmy6fcyxgrek6znccrb5wxfwffrpdgb387m71pm8gm58xj9xb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzwGmYPqEZbWvLM6kjuwPzIyP6AWQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoE0AFP0GP7fvYey615YWDKhI7FbRfN5LepqUSg0aT6NBC1Vgy9SIZIqnyFoiBvihtYydq_533W_Y4q_e3lgm1D5wet9VkFEUiPHXAmw55h8kZ5IrU3EyoiKI3evQMJv9yoIuFmY23ZzazrSr56LwdK57tMNbBE8Gn_xh0j-s2RFGqpQkVLaPQ_JNt3VnrgN2NtiKMIeHeaiEQXl8iQZVmoTd96KfLqVozQZZACiJhM909QicAjCZDuVJnxp13X5MMJ5HFkKleFp5b6quU9l5RW5v4rgAblrL3p4bKX778BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL3E2auFooMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0E-sZzH2UzK8XflhXSQWOZY54DnA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 02:54:25 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Fri, 22 Dec 2023 02:54:25 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703213665_6abaf840-a075-11ee-8661-22610dd0df18
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 66F0 115 KB
14 KB 50ms
49ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781484
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQ7J0vzCLbEJhd3ivxM%2F1WFIeYvTOXp9JVlRXjGdcM6J%2BpYPOwRpYxsVGfiOAhP1YqHn9nhmuZcHpnc9tSw24FtIdUqixStPd7MpD0vdnexgs8gYQGILTENxqnNUvOzwoHMTgNSd%2BG0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 839514814f6c69a3-FRA
expires: Sat, 23 Dec 2023 02:54:25 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 66F0 7 KB
7 KB 83ms
82ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103716
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxmvEIjhdkH4wrf0POmp1FZi1nEe3pHfY%2FAvfwb0XmM3%2BawYJBwaP3AdXV9p8eb5DuNK8kdZMFq5xf7BlexK%2BreF%2Bx%2FI6z30M91dlVLF%2FxM4rLKOsat5r4omKQzy%2BUWpiEoiGvkvw2kRM9Z0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514814d693a64-FRA

GET
H2 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame 66F0 25 KB
25 KB 82ms
81ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1362607
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bBwKzSe3g9xL3RBnv6HwYMDgW2opXAdH9zvQQYtMcEaBHhhJ1xB%2BYQyaownol%2FFE2cZZ3ltCllM5wt%2BQYVkRoozG%2BPgjQ85DVXxD9yN1x42%2FunLsVXeLJfACAu1GDQ4hjEMff9xctETOH9hA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514814d6a3a64-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 66F0
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneiddk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPWoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1703213665_6aa83390-a075-11ee-bd07-2236e1f32b64&insert=AW&&gdpr=0&gdpr_consent=

0
493 B

152ms
51ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1703213665_6aa83390-a075-11ee-bd07-2236e1f32b64&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 839514830fb02bcd-FRA
content-length: 0
expires: -1

Redirect headers

Date: Fri, 22 Dec 2023 02:54:25 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1703213665_6aa83390-a075-11ee-bd07-2236e1f32b64&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame 66F0 10 KB
10 KB 82ms
80ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100725
cf-polished: origFmt=png, origSize=10653
alt-svc: h3=":443"; ma=86400
content-length: 9924
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 11:11:38 GMT
server: cloudflare
etag: "ca1cf24fc82b7541b262f0d4b15a8100"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHlAT%2FoIB%2BGqhSOCJsKFrY%2FGEZ9qXYsJMGwu7d31Zi5b2Zbbcx9uYtKvQDV5eMp5redwuvGGzEOd0AmrNGUPB2CYLokzE%2BDQ0WdFK%2FGbb9Srq51DC5l5mWs%2F%2Bc4woaskbk8A3mSxuUp3jLev"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514814d6b3a64-FRA

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 66F0 28 KB
28 KB 81ms
79ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3519842
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28452
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:32 GMT
server: cloudflare
etag: "ad60aab65075d58e4390c75c7ea7b04e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BGsV0qzNOMrXlyK7Jz3GoqVnHzp%2Fmtrw6p76p6uQklbIouDotuTolcegXCDCjsmtZ0g9eTrS%2Brp4hEyBKUb1lAFt3qbovCWrEo2J4KU5JsvtwtfhsMH1yWzGPQqxYOFoD4tSvZvjJmVSbhJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514814d6c3a64-FRA

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 66F0 8 KB
8 KB 83ms
81ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 108508
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouxZwQaPdHdyroVvYfZQPX%2FeGHk9hAzzmQN%2BmBjL1tuq4QeRLEdm0G7sa%2FTgqjhG5oXMo5ccoNZsrN14bR1vL3LyqPgYtzN7Smg%2Fp14Ywy2gaas3G7pNQQkxRl17IjXTfZtSr4ONnQxZkXRw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514817d7f3a64-FRA

GET
H2 200 6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
assets.ad4m.at/product_image/ Frame 66F0 14 KB
14 KB 89ms
87ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0354c512fe9ac534670f42761c954a5cb683ae7a1c74b6e93e866113cc76863

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101230
cf-polished: qual=85, origFmt=jpeg, origSize=16323
alt-svc: h3=":443"; ma=86400
content-length: 13986
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 11:42:12 GMT
server: cloudflare
etag: "2bec681a82cced862b1f711ea5cf61b5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oodO86gB0tj%2FT3qZ4mVzbdUx6o2OfeJGj%2BitvBZU1e8GfYAPAK72SD6ah%2FbOhmPLalYZWcY%2FNzKj51wEr0%2FryrgB2I22iQWD4ezO227QYFfMyt9ccbArvK935WMNHQobrmKIfs30VX%2FKzOaD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514817d803a64-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 66F0
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJXHkKyFooMDFYyhgwcdfBECLw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023122203542591520913091X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite...

49 B
1 KB

167ms
67ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023122203542591520913091X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023122203542591520913091X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 02:54:26 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023122203542591520913091X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023122203542591520913091X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date: Fri, 22 Dec 2023 02:54:25 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 88CC 115 KB
14 KB 61ms
60ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 781484
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xc26sGQOiUEpzuGyI2d9HmqAla%2F72NVAMKpCwH8NthQT7IpGcc0yIft%2FU5U%2Bwa5VckqXp79xpQz1Paxh9r0YIylUVsBu4XuMf8wk0aFW1U6WyfM0Hh4Ngtdt0hVNVmjUJuabq8s7ZC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 839514815f6e69a3-FRA
expires: Sat, 23 Dec 2023 02:54:25 GMT

GET
H2 200 4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
assets.ad4m.at/logo/ Frame 88CC 10 KB
10 KB 85ms
84ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/4CF27F3A6A2F6D91C5A3622C8F01C9A26CFA811CA6347403820EFE1173CC3C68B9FBEA4FDD4B7737FA67797C095DA1E54C193B8458F430E3BCD6ACC6B33929DA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 617175475dd7762c2557066f330446636c982b371b142462cf7b4cd7c395f79a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93556
cf-polished: qual=85, origFmt=jpeg, origSize=11698
alt-svc: h3=":443"; ma=86400
content-length: 10082
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:39:26 GMT
server: cloudflare
etag: "bf7d8cf3c1179b8166a2b621809cce6b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88QnRh64z3UbBcvZO%2BLae2OBKJHxvzG6Es%2FeMw0wszz%2F3QtLL0xVZ0srbFTCfiGryimPeFeIn8LfoP5rJ4u%2BdtPKFhtryoTT7uSQoNA8PZqe2JDfH2mksPu8YmDGxxRhDReDgXy3x7BH20ey"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514817d813a64-FRA

GET
H2 200 D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
assets.ad4m.at/product_image/ Frame 88CC 14 KB
14 KB 84ms
83ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/D0B9541CF4E773D41DBC4ABCC9F6E672B34430F49375E17E41F087E6D1C801229BC513C607F51A81B070BEEF036EED35D1C1A6EBC0C47606BF42647C16A34FCE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a9e1eedba53e281f772796dd83eb2280b1a1c1c1c9ebd114d5bb7499fde7bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3632334
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 14254
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:11:52 GMT
server: cloudflare
etag: "5354ec8a9e72c8f64868101f5dd44ece"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=De0eCTqxC0Bxwu6D%2FkRdgZsQJ0uMAB6FQ5cN77PJYsK6Tz7SX9M4Dcn9cKHQkdlb8PQz89NAN4EB0aECwfLY6p017R%2FbAKxRFZgwUHHqwB7OyDmKfk3iIxJpY%2B2lSobtExYuEniW%2BOKMbrdF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514817d823a64-FRA

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 88CC 4 KB
5 KB 84ms
83ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 100165
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhNvxzl22HYiDjDz5KKI2Q5AmzvB6N6metcEZo1Ov7eMHkXilo1lqj5sHBCaJcHJx2L7AqjvE3ntK7m8qVxyL%2FSiX6kpw10RSXH04rF%2FuyElHc8CLYJZlcOxFvfzT90H7S2fd0V4wdbnrEIG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514817d833a64-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 88CC 15 KB
16 KB 85ms
84ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3617461
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlwM%2FyElU5YHci6pS0evJTlnShidYyBSL7tQTjJkp2q4FMVUn0j1%2Fl5sRPWXaX87V02m%2FSyRO8QtsZZ7EQ16MHBUEp5X0h5Yj3dRfCNpVPtDIrswCq8wXhOD5t%2FNQBEHcKh4yww35Yrq2pLu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514817d843a64-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 88CC 43 B
702 B 174ms
84ms Image
image/gif 2.23.68.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.23.68.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-68-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 02:54:25 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 88CC 8 KB
8 KB 83ms
82ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 107150
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUEsA1MFMH2bUgHGxb2krnx0JXLKNMi2lkzPRETR8yGR%2BV%2FKaaWfcgZiigWbgoesqGPrEiYMzb23wW%2FcmKhzOIV3XmoxKXzkRoNx9HQL9pdTngF7aV9zWMn%2FbTIPoKC03wZLYM9whp2%2B9UPG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514817d853a64-FRA

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 88CC 11 KB
11 KB 84ms
83ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103034
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qufcbFMDITI4ZSd4ERM8gvD%2FEkXDUDhCVpzR9GIGovA%2Fry4HA%2BR2fbubrEWra4ukpXtrqjE3NoOjjaAUusqXMA7eq8WVarzkHQw7w70S%2FkI4i1AaGbpNIuicHdw3BuEwgNfzNJ%2FcZGq0ZpgC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 839514817d863a64-FRA

GET
H2 429 link.html
track.webgains.com/ Frame 66F0 0
0 213ms
60ms Script
text/html 35.176.134.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ky6g4w9ry416ama632529zmh8de6w58pbptmwg3deyy2k245eqepxfcgvhpwfshy2h4e3z39m4j6x95h8fhej85r8vsfwrehyw6a12z9zp41venjs7tv1wafb5vrnsbt0m8pfhzmr5k5dna65ms2qxf6kryh5xb9bp7jpm9fgsq9rcw9kj6n9whbsm8x2cedxhhneywme0a9xan5bqc76392z4qcagbw4vnjnn1rcn8bjkf46x2sbg4m745802t45s8y%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C183975%2C22925&b=dk8aEfkf47VzcEHjHwtEtbXQfeS4T55PfgVPW%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye&f=KXRURfZfK8m6S5HMHktzCB2Gh7SAT88qcp25b%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k&c=728&d=90&e=&g=1211612987f6e0d2ad53f4d010e6fdb5%2F12398439266323129819&i=21596%2C20597%2C20774&j=16%2C21%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665328&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.134.178 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-134-178.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 429 link.html
track.webgains.com/ Frame 88CC 0
0 224ms
82ms Script
text/html 35.176.134.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gap7zrdg3k9e5a6tc8acr9kxqq5s9qbv213mbf1ht0p34fdnwkbkm3f60mftmz0f6h47g7ccd5q7vcqgx0agpxsvmzcme7022np37szrjzn9gtcz905e6cbvnte9zxk610ytcbax00pg4qqrahypvmvnwpch84vhzf8rp55ngqt3x0dpzzyp2bz57azqgk4bfb6ar7b1e10m3mt70nkr019wdedag1w4gsyawfk2n4rggz7e36nc7v8vnp2q3sd112g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdPoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBWoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.134.178 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-134-178.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 200 link.html Show response
track.webgains.com/ Frame 88CC 2 KB
2 KB 229ms
93ms Script
text/html 35.176.134.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hzanc4c95v7zk2bek1ss4yg9asbnf17c93asnjt44ak815779e5kmaqjamjwvb7bmk6q3d8vt2kkb0dmj4a7cp25d3nge1nr8jr6rxsxsc1syzy0vefksscr6nym12v4gk8bdsbxkqja8ekm8ac1dyzhy0w328ap9d5fnydxvbapagmhtgxvnb0dyrxcat23kvg4exk88v0kwh3fsqf2qh8jf1prxsb085ktv56ynge97kpsrsk7bnt7cmn57dcdjn00%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.134.178 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-134-178.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: ea4703fd5139975d9eb25423036d2c25824a2388367d6739a548a5770ecdd4aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:25 GMT
last-modified: Fri, 22 Dec 2023 02:54:25 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 22 Dec 2023 02:55:25 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 88CC 53 KB
19 KB 167ms
46ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hzanc4c95v7zk2bek1ss4yg9asbnf17c93asnjt44ak815779e5kmaqjamjwvb7bmk6q3d8vt2kkb0dmj4a7cp25d3nge1nr8jr6rxsxsc1syzy0vefksscr6nym12v4gk8bdsbxkqja8ekm8ac1dyzhy0w328ap9d5fnydxvbapagmhtgxvnb0dyrxcat23kvg4exk88v0kwh3fsqf2qh8jf1prxsb085ktv56ynge97kpsrsk7bnt7cmn57dcdjn00%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:58:54 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
last-modified: Sat, 09 Dec 2023 12:01:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3332
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: yo-pt1Fa_o9daw4qDz8DH8v96Vf8ydVV1LmZswivdG8kBwA1S-7kdQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 88CC 15 KB
15 KB 147ms
45ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1703213965&Signature=XqNdpopucfaGgWnErdBfzyrXlX-OUYz8h-qrGQjNlp0VTyWSB-RT6OhXJviVDnoYcmPCRQv6YhAQOeMTY31ByTNyPJDBLMsOf1WTcYIWZZZgwmM74lHBIzMEyRymFOsewLZ7EMzE04yfdWzZkqK9dAomY~vhLt2pEK0AV4O9T8tRiLjgUoy3imVcBffgUzUiAKLTtA6V5LTrjoRkiArcTnhKZBidhmqgcXKOFhvhKy0WBDPdK9dDtpmwvnegyCupl6uAvl4NwTbIbybMB39X6qZehg3FvjvLX~jLi5FkgJOehkl4WxLenrPlbq6Z-fus-Eg6afwS5hZk-Wr-SgbeyQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43766%2C19769%2C197862&b=791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBW%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=EDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdP%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=728&d=90&e=&g=774f1bcbd26475852907acf81697e492%2F15003327681042682644&i=24891%2C21630%2C71725&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1703213665327&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 21 Dec 2023 08:34:38 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 65988
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: lCudKaI6By3tPu1c2MTHTYBL8dlVHqnpEcZgBqKNPpTZCXt4SM0kEQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CCE6 0
0 165ms
77ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6wSSHz0-bZEO1ZKhIfe5je9Xgk2Js6RvDE1e3bbkqoGIQnQNCq7ryGbaIkR9F14IMfbNhN2oVnGrqC-ulCaJvb_eg9GInWlqMNDJrC3vhPjJXa0vWeb8SQZZKk1Xl_4xKISp9IiJI7YQ0cDTYx3uFLZ64z-I8k_MfAvxDGMMOM8PAv7yzha0K2qhGYs3836GkIjipBZmSuh5Q0jjy5Q1-VLnEMyeU-gTlhEInTCr8vaV33dzn_4J3YF70oce2ESODRFNMndC_5gWbjoHnDeVtsChGDyRzq1m5f1tlwTgzo2G4CHWyiXwmy8e2YAg_1X8o7cro9PQohDxuIS27BKIFJRKEMCzIZk-CrtRyLZYUmq23T-vlqN_ypQir3Uux1tzpNFSOPePYRZFQA1E9UjZX&sai=AMfl-YTC2njIGIkpg7n-MrdndQ3TaxpLOfVIxA8ocXz9gSpyASXqFLPPLbxxjcDhR2lL6v4fL9hwqbej6OtK-Jk&sig=Cg0ArKJSzEY4GVYZjcQxEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 02:54:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CCE6 16 KB
12 KB 173ms
86ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e10946c8a41518d6547baf4cff7cd6eb553fdf6600e256cadf2f610b1c2b943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12088
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2F00 0
0 90ms
76ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutUv-F5rLAVfDigmLMkSfk1HSCctbm_JBObV7HFdi0aL3bvvHUwwRXdDCNhYdKRGU_YsxDr965kwGYmF797URLAhLboHFZriDU8p1fKeDhYm0MQPDtjBpU7oeWZLekBoDac7aeuaggn3_RlDu1mfOG_I5QZ5FCtptIYvoNBQUe3n0t-GPftH9pvLHITmlnNOPXj4k99IL9xVBlvQ5COQi5pj79XCnkh7lTJxX9PrweHP2SdwlHgixIyRoroXc51FXzm7TU5Q-zTGoXfBnNn2fAFXV6eH_6IzxQ-1Fh0qwgnQb5yu0T34A-leUogq0cugQmx7ktIxC9br75pm_68oTEwhax5Sec2bFZV2U0MbAqh5UHE3nCztU10VbVmA6G5ThiNf35z4SoLWRA17QPfWsl&sai=AMfl-YSZJAK2IRgAGwLlOvKVGHHgT4Xk4NHGZ_NUrtb0VRTkqT9-Ar35IkyGI-Dvtf6UBqN4Dup2OfRzDTBGTiM&sig=Cg0ArKJSzGT8OuZGgNeyEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 02:54:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2F00 16 KB
12 KB 101ms
88ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1f98512cbd33b5de073e8ff3f143ceaf822c283199a2e54bd914c6f2f7a8d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12093
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CCE6 17 KB
6 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 02:54:26 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 43E8 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMqXRaTwuKOxr4nPfSoFZnTl1L-nSmT92i4uHBsFKnaXfLg9YNSLWVl_xBtDkKauSWXYBBgfezHWsO0az11P1zl5-p8okU1rUIeKATScjTKtRaKI2KOQ&sig=Cg0ArKJSzPFDT5bUSPMuEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1418711512&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703213664626&rpt=456&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F00 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 02:54:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0BF7 13 KB
5 KB 46ms
41ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 49412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 13:10:54 GMT
expires: Fri, 20 Dec 2024 13:10:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F52C 829 B
1 KB 54ms
52ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c6dd634a29e503c44a998e14d79b192f65ea26135698ca2bd845fae4428e3e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xAGWGfOWZlAHwENJqnLrvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xAGWGfOWZlAHwENJqnLrvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:26 GMT
expires: Fri, 22 Dec 2023 02:54:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4AE9 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssz1uzUBReVtXtzvnMBXg1DT4BbTSvPoOYjOrv9_vuVa3XBRVG_bRoYLr3jgrmcJ53G29VGsXNzFYHVJbmd1-lUB_O-C7b_O7MYCNB3_xdtcY4xEoaGz3kjbntLg__lpFxbktslinmQVREjTeCMIZ0alFeBgag3NwFUOhr9oGHEOVoWapI5aE-PayFvYMNwqDbMYoRsSw3MVpmiN44fjZJQ706n-76EG_STDwaFBlMS9-5iEfPfnQG7rYeC4pps6_X5dG0hTZ44v0IdWodCO4IVOAL4ZbKzwIsHJwWO8mxck_jDc4UODtVeg19yjhaf5njPqOd1VPyZcPhJUyo3DJJNs9UrjAR2GujMUz63LL2uPL4Uhmeksel3jH2raeMfkcD5GDcSxQDMuMuZGRuLnTuD&sai=AMfl-YTslsqc93IPocHGNbihfkKD3BRiB6I0tF_LFZKT4naJ7t46sefpv7Ck6qVIImaAjzxSOg6R-WVqN6qNOVs&sig=Cg0ArKJSzEhOl2GHs8MDEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 02:54:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4AE9 16 KB
12 KB 93ms
93ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a341a28eb1eefd031ddca9b2cb48029cd32b08673e9db84555072076cdcde40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12377
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DEEF 13 KB
5 KB 43ms
42ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 49412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 13:10:54 GMT
expires: Fri, 20 Dec 2024 13:10:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1983 829 B
769 B 50ms
49ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2051d1313ce6f047d7bfc41fdef8d6da4d279aa607200fe130235b6515c5dd9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bRp8N-ShPGw1lpPn6R1Gvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bRp8N-ShPGw1lpPn6R1Gvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:26 GMT
expires: Fri, 22 Dec 2023 02:54:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F52C 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=414464868954654&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1983 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3117365693374568&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BF7 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 20:47:59 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame DEEF 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 20:47:59 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4AE9 17 KB
6 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 02:54:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5932 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 49412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Dec 2023 13:10:54 GMT
expires: Fri, 20 Dec 2024 13:10:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6972 829 B
559 B 52ms
52ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

252b9f3f45b6d5f8f4596196b367c29d4b005704d977e6ea5f60a4dc4411d43f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lFsOAFM96Lmt1n6KmF7jOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lFsOAFM96Lmt1n6KmF7jOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 02:54:26 GMT
expires: Fri, 22 Dec 2023 02:54:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0BF7 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kXJO8g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DEEF 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oAaMLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6972 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4062105731340427&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5932 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:47:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 20:47:59 GMT

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 194ms
46ms Preflight 3.9.60.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.60.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-60-26.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 22 Dec 2023 02:54:26 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 88CC 16 B
209 B 95ms
94ms Fetch
application/json 3.9.60.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.60.26 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-60-26.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5932 0
10 B 94ms
94ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yGmnkw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:54:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CCE6 0
0 77ms
77ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=414464868954654&bg=!3t2l3ZLNAAY3kmNgF5I7ADQBe5WfOO_Sx0FQBlCI5TSH7rA2Jq-Z3YvH_tTjhuYTNcSR_E65CxVMjxoNsE3UkUEmoc7qAgAAAHdSAAAAA2gBB5kDa1Rib12C3NbhsawwW1Cv_KGm0ZkHRtK1i6qOqow1XTzjHbRLmnxeox70VkxIN2PJRVWNWulbOAfUd1KLsgfwfknEFJRNFB3LmPJARTN3zF692QWNxZ9XyCjlgEKAx4kHq9DNwuR7VE4AajvIo_AJMG9oPOIR8_4LcMKMYKyFhYX1tFY_mLRt-_jJ5x081rdULwSQWOPF2P5XRAxQp8EJuYNrLMAHRmygyWWuLA9Mt9wpHwa_ZG9c2HmzHZAcQdGp-id2Qrg21cYfKdYEr4LTSvU2cxAqUgbnaO7mV33d9aJSge70qGYX0gZIBWFSvXh0nDGBz__iFLLF-GPQSYpYPpNtbyG__VLRcfxZRmdElpaisOWyum97s-MnwDoXjFbukNYeO_8j3iq-wF6HYUbte96Kb4Iw5zZ9ix4548NwQMmT5KWR43LUKT6s5f2_hOZGeqfbAqf5FEdt75HVWraAhDADAHVhykbo77jrCSroja3HtKqA61ps8xMJTgr0wMPY1eC0s0bzx95OZBDJMz37D5hM02AAxFwuxRhgqrvs6jK7ddBNMlXu4RKqUhoPGqzm_KB1A7QI7kphIRnNnYPqUq8ZiCM1RNe-QTTw8s7g_8aKv69XDqrQR_Qrc-kdzeWqH21aj5uBnGnBYbQNfB_jXPGJGx5y8dgswUie-Wr63WZyYHNtia-Y_88xWnUa--bagWkuH67RaYA7qkdyVF7vorsIq4NeS4tJKPX5Hv6DZ_qlysgAWP5OjOUSfxnucAJiUj_9iJySSHwBXtSQG_vdY0W2zkHsFInMhRvcDh5ClWFJih8mYXMPsIkZiXAzmhrmnG309IViZCPMLOewFfKER4eJBSBYiejiHTFL6sh49ty2YV6nF-TW9ExeVwRAjVkjvL5mx56Jm2Bh-uUHnFLhkacOn6wXLsYgxJ3EtpQxzczuEfkxzojCYrOmwvwxS8IXoz_CI52dPRMsRiZNrEVE--Fa-tGGG97F_D6ZYbHUjCmGtfVECnzqLDI1VXD6-nLTGRvnNKlGBMOY3DvJZ0RnnoeQi_u5IuauDStiwGoTfFPTnH_doxNTQtVVhumdIw-n22kPZjEJlnkHIj-ZVjck_1pvFtNkbmxeryNOmjy4rb5nBZAPWUJeFLNlkHA6w6qa_9ufeqfP_NwZp8gy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2F00 0
0 76ms
76ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3117365693374568&bg=!29il2JfNAAY3kmNgF5I7ADQBe5WfOCTL6l3eSs6Cv18Mk8qxfK5c_UJjZpexyk1TY3iTk2IsW8r68nJdw0D9uRCJVDkxAgAAAGxSAAAAA2gBBwoANRAD9RWiWS4xMZBkWpdNhvu94otoZGZoYUUgxEUdUK5w6U_0asUINc8jgbwC010TQ1wiZ6yOmQM7KLkAS937Srms17SAqiDbmhoU2-PSDNBmANBrqvi-x5e6rZy7pXwWFx0MBLnOrl_1c1HCjnvxavgdCFbdet3-V7sqg_2Rgv_KW01saMEN1TiJuE2S7drNUePr8OS8ZhkNWmedpFESh7Yl5LNy4n0SCGF3l7RtgvkpOmy7Ay44zg3zbyQJFc4p11PEfYrQfBHu6wjzbwuDTCgOfmYq74dojpkujUhgBObxhDaFR9S0GmCJUczXtr3MFqtTxP2Thmgu4fwJfNQTbOIij4KjYNF-X9XWAPjb2BGHvEMNc86_hfmbbkBMbJg1Ogx37v7pyRldprUI5q1kcDya7kVTXk-R5Zbn0jNjQaRZArOZFnoJAI8-GSptxEKSK5XIauRZu6AfG72qJPlVoDUTy5iBPa1QxojDQCNQfxeYaKQtQeSGzwcDO7qF-IjT5M3xP8CF6o7ryEz7XQd3yYRW7TPQR3or9Vse3at7yo3AqeEX8fzqb6jmcL4ugCBL-TFUnxntXTnDmfqksxcDEr0fZpxKCbOAudZxAkPOThqvDMfiiJ4HXoBvwc4Na_l7mC6r7bimwhLDxHuLrg7SL5MbRY_5mpOsYcNyKNTDh3yL2ZL6vQMYxH7fOfw9s16t0ATIkPVnHmka7ISYIezeeAnvnZQQ0BSxlWJMq2LHGvLxyRMw8Rj-KLYO3JvHiNXeWlD3vdeUYqJWvrPEfzaPBkVdTgvQQwjkHBgsFq6ZW7e8K2cCnbqlDJCtb4oKogtqI4Fs0OGXRM47WP_GQq2-veL3T0kjSW_AMO_9OnaKDPvad2Nzwr5KY_GPgiDvzrzO_DaaN0KFJnU3D41fALIwPw8x3MGUQCRi6GIcTiFM0qxrecVoL0pYQ4mla9YT14O8K9BD5VzdHDrTMwnOSdSdchAnrhFqI9O5QzxTj3tuZg_zZyYioo2h0v-D0Bknz_xedIjT7CkjYzmBCXOaECB8AjBLWV5nFgamj9rmu6NnKIFX1evFI5Rxj-DkbE0ntvao2m2pyEdGWplseS3VL-_HpkaOH7my7maLrFGB_b6cE9Mnp_JHAg_LHa_dJ7imZRrINDOrJnJ_58-dB92vOv-BavNhchc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4AE9 0
0 74ms
74ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4062105731340427&bg=!4uGl4a7NAAY3kmNgF5I7ADQBe5WfOIvZd3LYE18hPW_4JCcbKLGhieEXsI53ASt-YHG-7e0KDmLqJm4L_6kZokdVWNXtAgAAAEtSAAAAAmgBB5kDO_mcqPtdJbbwu_Lae_-TqDxh7epMe1P6iHBE6OBENQuXLg-nn926YU8L7hphTQVa9i80RAnq9eA953ui7K6F1uvJ0xIHN9KOfQqJxGPwry9Qu_o9qWMqwYrq4hfhGvT6whZZXQWG_KGfrhBSBWHtRNQ7czCNKHdO1qrYWlLLvXQcP5i8CcoE3Vh3LO5iI3gq2sohKx5LsN4fa7Aq0SRBhS4sj7OW4wCsvt6AmGRO0lesm6p838D1SCcXfko4kJuON2CSeV-kks0wKJNbS17F0aHKeHtROlui3Qq7j40twMll4re6lgD0w0o4deM8ov2ruYM7qpmr7vE531qPsSqQP_qY2i0mGGMn7G85kbOk15cKSi4PXhYVGk5DF5G5o70lPQT2g8uC2odOQnl9BOC60NlQJUmIL9A5rxrhlQD5IjsBr3RO64TFCZElguZEz-qS8ogrf41ggnQTGsOlVvuADNKRvqj4k7L3bZzpoquhl9i5hGMrEjdYjoMbNHKuSIgQjX5PYWarz6_KgR927_GTFZzAiqm0nlN8mn4ihyl8b5Kr5_I-637bmNi61P1reXEgjgNU9BZbvqnk2XYGtGqL7_U8HZRYqmiVhups-dtfZVWbzW8g0VfRZw6Z87OxtgLVq1k1w-u66ToCmZOeMxsqGrmKa029VPDifwvRZahCVUkhIHxbdr8eFj5wxb-CHFeib9sa9JRgd6ygu4O2xemfvGvSecIwJU4lSg9wIag2aexCn7zPmE4JgupF0Wwpd7epkxTDDSzcPvNXTztGad7HYZ_occSgqn4WCRH7OXT1ixobHXEjk-E4HrN5PeKfRXSErwQuz_An2eXcEARG7Lmo4VwoZtk0EL2ePuoPyT-kNAZkVyzRo_nETc6BYF5Ce6KJOOl04JA4otjpCa_-tBvCAvBxrDjrKKWISCLdqyURz6msLrSkmwZrIjV2zLj0-ZznH021JfApFhd24DmpsmwyFtWm44_ZWa20lYqUgP5rH8zQz8Bj7bRtuNfMB0l-qCtYPUk4osri2FThhCNUkG-zuC9m9iNuebno4HCdMp1nqHWiTXwHAmpl2A0Ehh0glFZtZ__wtPTPSgsHmT61
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4AE9 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvZ0O4CLtnT0rF6tewzwHNgzOE29b8bYU1vktVJN3LcP1kC1nzpv5FZ1cPWwfF7yHVClK9MiFrguCS42ChMWRGlw2hoF3mc8LE8iGHgNIyL8XJJyY0mk2Stu0f4RHMjfMXGLRqB1o8pgRLj97Uni36hg&sig=Cg0ArKJSzKeyAYVm_whGEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703213663880&rpt=2315&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 02:54:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:50:05	Name: userId Value: 5tC-VI9SQMqehewspmyXpKAsKaMXhe6r
.statcounter.com/	1970-01-21 02:42:53	Name: is_unique Value: sc12916097.1703213661.0
.statcounter.com/	1970-01-21 02:42:53	Name: is_visitor_unique Value: 1703213661188001759
.xgcartoon.com/	1970-01-21 01:52:29	Name: _ga Value: amp-6W2ulUToPtze1wVOie-twQ
.adfarm1.adition.com/	1970-01-20 19:16:29	Name: UserID1 Value: 0
.doubleclick.net/	1970-01-21 02:28:29	Name: IDE Value: AHWqTUmmqeEk2CH46LdWYTlPQiHkEXLtUEaJU4KqaluyV4G45BE6BeEjCMs90Z6JMQc
.casalemedia.com/	1970-01-21 01:52:29	Name: CMID Value: ZYT6YUGY1yf-pRRGZPLVUgAA
.casalemedia.com/	1970-01-20 19:16:29	Name: CMPS Value: 1170
.casalemedia.com/	1970-01-20 19:16:29	Name: CMPRO Value: 1170
.adnxs.com/	1970-01-20 19:16:29	Name: uuid2 Value: 8089145404638764277
.adform.net/	1970-01-20 17:51:32	Name: C Value: 1
.simpli.fi/	1970-01-21 01:53:56	Name: suid Value: C26A6CA088824365B534F9EE3D1C6A1A
.yahoo.com/	1970-01-21 01:52:51	Name: A3 Value: d=AQABBGH6hGUCEKfHtnse3SUrdV7rxLLNEswFEgEBAQFLhmWOZQAAAAAA_eMAAA&S=AQAAAuv1FwapM6ubPMYOSkYl4IA
.1rx.io/	1970-01-21 01:52:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-4b10703a-2423-4e8a-8361-f61d287a3250-003%22%7D
.adform.net/	1970-01-20 18:33:17	Name: uid Value: 7018798748426719541
.csync.loopme.me/	1970-01-20 19:17:56	Name: viewer_token Value: 3c4040df-8d9d-4aec-beb0-1c833ee1ba3a
.de17a.com/	1970-01-21 01:45:17	Name: guid Value: 1.3070446900153967918
.turn.com/	1970-01-20 21:26:05	Name: uid Value: 9004498559720892669
.tribalfusion.com/	1970-01-20 19:16:29	Name: ANON_ID Value: a4ntuJSZdIijSTnMSXONpaCCgDH9NY9DeHelbieYlveyFvAZaWsqTEMpWLfZaad7yap1ZaJ8hcxYTK2S8HpaGbIeeQkF
.targeting.unrulymedia.com/	1970-01-21 01:52:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-4b10703a-2423-4e8a-8361-f61d287a3250-003%22%7D
.awin1.com/	1970-01-20 17:11:12	Name: awpv11354 Value: 412871\|1703213665\|6aa83390-a075-11ee-bd07-2236e1f32b64
.awin1.com/	1970-01-20 17:09:46	Name: awpv14702 Value: 412871\|1703213665\|6aa94500-a075-11ee-bd07-2236e1f32b64
.awin1.com/	1970-01-20 17:09:46	Name: awpv20044 Value: 412871\|1703213665\|6aa96c11-a075-11ee-86a2-223889379c61
.doubleclick.net/	1970-01-20 21:26:05	Name: APC Value: AfxxVi5uCRMTrBUMATBg6oM9tGqwaZV7mFK4dg5bxJMzIkFdkjIsTg
.awin1.com/	1970-01-20 17:16:58	Name: awpv11938 Value: 412871\|1703213665\|6abaf840-a075-11ee-8661-22610dd0df18
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
www.conrad.de/	1970-01-20 17:11:12	Name: HTLP_timestamp Value: 1703213665776
www.conrad.de/	1970-01-20 17:11:12	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 17:06:55	Name: __cf_bm Value: dNFWBeNVJD3LKmQofw9lJySiTYxR_uFpriK_EcoPeK8-1703213665-1-AUUBG3CzgSm1ajexVbSVyT1SQvvQ/Da5iDBq5mIeN+JIhBuLbXyPfwhZsagPGQUuVV2LYns45rikzaU/LTwg4Qs=
.congstar.de/	1970-01-20 17:17:02	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1703213665_6abaf840-a075-11ee-8661-22610dd0df18%22%2C%22sp%22%3A%22awin%22%7D
.o2online.de/	1970-01-20 17:16:58	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMzIxMzY2NnZsZWExZGUyMDIzMTIyMjAzNTQyNTkxNTIwOTEzMDkxWDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRra0RhNWYzZmtRMXU0SHdIZXRCdFZWV2ZaU2pUbW1BYTkxWWVvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/	1970-01-20 17:16:58	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 17:16:58	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023122203542591520913091X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTcwMzIxMzY2NnZsZWExZGUyMDIzMTIyMjAzNTQyNTkxNTIwOTEzMDkxWDExNzY3OVYxMjI2MTMyNzAyT

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Message: Refused to execute script from 'https://imagesrv.adition.com/1x1.gif' because its MIME type ('image/gif') is not executable.
security	error	URL: https://3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0 Message: Refused to execute script from 'https://imagesrv.adition.com/1x1.gif' because its MIME type ('image/gif') is not executable.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ky6g4w9ry416ama632529zmh8de6w58pbptmwg3deyy2k245eqepxfcgvhpwfshy2h4e3z39m4j6x95h8fhej85r8vsfwrehyw6a12z9zp41venjs7tv1wafb5vrnsbt0m8pfhzmr5k5dna65ms2qxf6kryh5xb9bp7jpm9fgsq9rcw9kj6n9whbsm8x2cedxhhneywme0a9xan5bqc76392z4qcagbw4vnjnn1rcn8bjkf46x2sbg4m745802t45s8y%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jfpag63yzjyka8hjex2m5t7d4jdz4g856pvzh5p24twp5mmj8j057dw7tk7d3g0q1wxveyehv31fwxg1stvj8535rmq9b7y3b5be2qzwbvwanc7624ksgr7gxrjgdehhbbed88dstqvfm7emf5en0xk5fvzgfsz1y5gs21dsamwb6wnpav4qyam2sv8hsfrhj3fzh06j0cfk5exb02bs3035h8r7mqjxsfaarj8vfrfgcgzred7wewraz0h197j2n8dw43vths72w71m34yrnw6%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCyuRDYPqEZeuEKISBjuwPgNyfyAqQ4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0Op5dP-vux1U7l9bjTOpZPikHKcE4HtnEE3Ds_H2R9x_jOg0KK08vRDd6OuKcg7ZNOQF7YDaQcHLISBCtThXnqBAThbUGl7rri_iX81m392cSGgz0OpSc2tEp-THgYn-nvqlYrj0IFrChDOIfWOgiKn4R8V2rKY1Ae4W4aTjZrfLk_KUAIDamntOVUps1snPwE9wgB3caH7PS77or9Sk9oINORAnfXqm3cKKuuflmnQ-46GqEvTuAnoEiX2hE74nH6diXmXOHJMhMyAqswCABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYjpjVq4WigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2dYQn-8eqxoaXKUD8kIbpNY3Kzjw%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneid9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://track.webgains.com/link.html?wglinkid=3118461&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gap7zrdg3k9e5a6tc8acr9kxqq5s9qbv213mbf1ht0p34fdnwkbkm3f60mftmz0f6h47g7ccd5q7vcqgx0agpxsvmzcme7022np37szrjzn9gtcz905e6cbvnte9zxk610ytcbax00pg4qqrahypvmvnwpch84vhzf8rp55ngqt3x0dpzzyp2bz57azqgk4bfb6ar7b1e10m3mt70nkr019wdedag1w4gsyawfk2n4rggz7e36nc7v8vnp2q3sd112g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hkf1ka9hzfggpb3s5k7rg5hw7ke8q7f3209cx54x1y5zye2qth03bxbc0rcyhthrk14s5gvykksmfk19pxa85zm5tcrszp39yjb44410bejq2khjkcwekbgap2wce04t545e6xjzeb6as06zpfhktr2w9cjgmawn6jbsszg2vqf1ypm2h6rcrxxy8hh0p4jr2hv6y5s814f6jnpmcxktzf7m0nwedm8saqrfa4gf77zthz4kbr512w4tj995xn48gsnjty0qw71dpg13ycnzqax%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmYMzYPqEZZKoJOOCjuwP04y9mA6Q4YGEXLaoworwAsCNtwEQASAAYJW6_YGUB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIDIRZit3WyPqgDAcgDAqoEzwFP0EpMjG6qmCWrYwDoFyuBqCUAIbucQx46UdsuGvntxgjDEC8eIdxubxosEhqYbcTYe0PLF0Ln5rAurh2oWzU0aC5XEd5nH0ZSSIfabxFrb2d75vaaf8YFdaRjiD24KspUsznbEl63v-X8_X0uN5q1HVM1Z4W2aVGvCscVxnZIgrMBx-i5D5qcO0qa5CM4h0rkszAsQmu_PZMJ21UhfDZotzaXs2V50TLHdA1pXQpwLsb7ZDoKCsCFRNVSRawxqb5X1ED0ZH2KvjjtVtCIqJOABrnqssHX0466vgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxr_Rq4WigwP6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3g-omR_KxnBiFj5rUvQGdu1yei3w%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidEDbhDfEfRDqFzHAHjt6C3BqfKSVTYYgSBgdPoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid791CqfzfGk6urHXHgtAtWJBH4S1TQQ2f2kBWoneid__suite_Netmix_Reach121_BESTPERFORMER Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3aae2c438d98114d442ad7e5e4333a93.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.statcounter.com
c1.adform.net
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.active-agent.com
dsp.adfarm1.adition.com
dspcluster.adfarm1.adition.com
googleads.g.doubleclick.net
image6.pubmatic.com
imagesrv.adition.com
match.360yield.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.o2online.de
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
region1.google-analytics.com
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-a.xgcartoon.com
static-de.ad4mat.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
www.xgcartoon.com
x.bidswitch.net
104.20.94.138
142.250.185.70
142.250.186.130
167.233.13.224
169.150.222.217
172.64.151.101
178.250.1.9
18.185.219.207
18.66.147.52
185.89.211.84
198.47.127.19
2.23.68.89
2001:4860:4802:34::36
213.155.156.180
217.79.188.10
2600:1901:0:76b9::
2606:4700:20::681a:3f3
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700::6810:c0cb
2606:4700::6812:18ad
2a00:1450:4001:800::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a05:d018:d29:3602:897:817d:b550:36d6
3.9.60.26
35.176.134.178
35.204.158.49
35.214.218.94
35.71.131.137
37.157.2.229
46.228.164.11
46.228.174.117
54.76.229.46
81.17.55.122
84.200.5.215
85.114.159.66
85.114.159.67
85.114.159.93
87.118.116.9
91.121.248.44
99.86.4.53
00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03
013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f
0478d8885cc21ba5f73900c13eb666e11c8ab9b5b749836cf55355405ab0e278
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc4300a9fffaf77f0abe572bc905ccd085437d5f6511057f2078caecace10ed
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
19a08b09f1fba87ded2b0c479fac3cd05aa481c8703a29590aebf31ff7c4b16e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
252b9f3f45b6d5f8f4596196b367c29d4b005704d977e6ea5f60a4dc4411d43f
25d794f257954acca3b1b22a6c0555cac34e70394a4b822ec0d3baae19f30a09
293c77c6050e6d5b873a388ca5533ee4aedfb9c7a44d25fd89e22bb38cb44f86
2a341a28eb1eefd031ddca9b2cb48029cd32b08673e9db84555072076cdcde40
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2a9e1eedba53e281f772796dd83eb2280b1a1c1c1c9ebd114d5bb7499fde7bdc
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
362d7d4efa2a8e7abdd16b9164e7f83633a72844408450ab55fe3071c07f9c03
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3b8fd957271a7089ccbf728bf63e93fd5de3d78b076ad856a91bed46b09d5abf
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
3c6dd634a29e503c44a998e14d79b192f65ea26135698ca2bd845fae4428e3e8
3caf8f65729ece5b88a5d80c2ed78cc766a7effba9e2698074fb570496ce8a58
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
3e56a2057a66a746d21671d7610be971886c8b179de9249f01d90b6709f29c91
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
4644c8170155f76f5c8812e6de5625011b0dab3ea1dccc9ea1df6ead950243c1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d1c3afbe864e51bf70e7ae493a7d5ee1670309ec2675b0e5ed9cbdcb922cdcf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0a4289c14676dfc0f0a4e67406c4e3925a4560aafd34c364352307b215dce8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
58d77df73010ae57c1f0f3c873844964f92c7f70120b00d725f66ca8f8ae9cfd
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
6131dc1f5f4917d39d60cc5a0acdf6cc86983144801036d6a6dfde7e265a1b00
617175475dd7762c2557066f330446636c982b371b142462cf7b4cd7c395f79a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69821fdc7af33beced8acdd1e0ee62b20b39b03f045b7c48bdf12e5f78375d50
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
709080eec057252bf0cd0c7385575345ca010c18737ab8d2d60eec953ec99b7c
733f3312d0a6ea385c56131985cad375dd697cfb4a810621a33269e67ea2ede3
7493a7c48c602e4ce573f3f5ddb03736ed23af2f1cc182948dc37ba7b5b9c0c7
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
8013407130f3d1c34679b5d4a3ca7d56ce95e0a656d501bf0920e8bd8732b6a3
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
925d479a9efda6360ac4a240166c2f4e74c3d6360444433b6c12ff505189bbfe
94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f
95c16229b4093d6c3072a6d73fbdd307b44c240500ef2fa6b2db7d11901d51f0
95f9669f86fe28fac80e3a754575893953ce4880b37490c44fb603257ccfd95b
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
991527057c4c620bf47ba162dfcb358e253067b2546112b6e0547d70729baeef
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9afa63af9964d85659ddd2f43fc165552d9519afb064c00a824e4c883aa9bb01
9e10946c8a41518d6547baf4cff7cd6eb553fdf6600e256cadf2f610b1c2b943
a0267ff9e8e76422602cbafb9535cce4d7da459634ad7fa463c6b9c75cc6de34
a2051d1313ce6f047d7bfc41fdef8d6da4d279aa607200fe130235b6515c5dd9
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a79928b73546a82e1cc99c47ce7426b913cf6738903430099df7934ca7cdf06c
a8d2d5901c583b96eca1451b01e2f83e067c6423953a35b833bf5886482103cf
a9c679b12158e52c9347a6357a3b758839aa2eade1b287c196da02edf772d866
ac79466527bbddc1f62ebc9439506bf48c8c6f19cfbb8e2bb71541c45e0e032d
af4196cab4bab6f2452bac47a71954efd5da7cb4544428d5c305af3876bbce44
b96cfbd69a218f70655dcef6405c3fbc4e6c90c41030ec5d38232510697b0404
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
be3c6af903c221d812422349dfab92cbda69943b48eea17636db3fc307531282
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c0354c512fe9ac534670f42761c954a5cb683ae7a1c74b6e93e866113cc76863
c1f98512cbd33b5de073e8ff3f143ceaf822c283199a2e54bd914c6f2f7a8d60
c4eb454ca1005c72043e4b1f8196fcef86740068a2cd7fbf8a8e4a9ae74e81db
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9cd13c76220a76e98fa526ef274e04c74830901e5cc8eaca803cd4c8ff17178
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cab518d71ed7b450b7c83f3ceffcd17f4fbc2b40916d88b016baa277a6b94dc7
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
de6f3845be49878afb5314dd5297e48423a4e952b0ad7fc367627de0338d49d7
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e69919ed1f9c4370d6b057d29ed0c03ed5ffb06a3d2a392d493a5f5da056873b
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
ea4703fd5139975d9eb25423036d2c25824a2388367d6739a548a5770ecdd4aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6465336b565dbdd8b06a7e6c1ceada445cbeedbc2e9b4d5fea58ec154633a4
f8d1dcfecd75072e5d920d31a9965c616a7a09d98ecd25071e3d62b2aff4329b
f9c3bb28a6e6eab6fa5de75a854147165a0c7bd7e872387183ed079646e3f22b
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
ff4668b4b46ded69f5e105279647a0c7d41e331c824b193ff1d2825b9907f9d9

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

209 Requests

91 %HTTPS

35 %IPv6

39 Domains

53 Subdomains

38 IPs

10 Countries

2777 kBTransfer

6920 kBSize

33 Cookies

1 Outgoing links

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

91 %
HTTPS

35 %
IPv6

39
Domains

53
Subdomains

38
IPs

10
Countries

2777 kB
Transfer

6920 kB
Size

33
Cookies

209 HTTP transactions
14 data transactions