www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.xgcartoon.com/
Effective URL:
https://www.xgcartoon.com/
Submission: On January 22 via api (January 22nd 2024, 5:25:00 pm UTC) from US — Scanned from DE

Summary HTTP 446 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 54 IPs in 11 countries across 46 domains to perform 446 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
13	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.95.138 104.20.95.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	2606:4700:20:... 2606:4700:20::ac43:47bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
49	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
61	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
21	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
15	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
6 42	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
4 4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
3 3	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.214.205.187 35.214.205.187	15169 (GOOGLE) (GOOGLE)
3 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	2600:9000:25a... 2600:9000:25a2:a800:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:249... 2600:9000:2491:4e00:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
2	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
28	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	2a05:d018:d29... 2a05:d018:d29:3602:5ae9:3b9c:4769:a477	16509 (AMAZON-02) (AMAZON-02)
6 6	37.157.2.230 37.157.2.230	198622 (ADFORM) (ADFORM)
4 4	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3	2600:9000:219... 2600:9000:2190:b800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.32.210.231 178.32.210.231	16276 (OVH) (OVH)
3 3	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.255.141.62 34.255.141.62	16509 (AMAZON-02) (AMAZON-02)
2	3.76.149.124 3.76.149.124	16509 (AMAZON-02) (AMAZON-02)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
3	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1 1	52.57.164.72 52.57.164.72	16509 (AMAZON-02) (AMAZON-02)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1 2	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.135.143.66 147.135.143.66	16276 (OVH) (OVH)
1	13.42.201.144 13.42.201.144	16509 (AMAZON-02) (AMAZON-02)
1	13.224.103.78 13.224.103.78	16509 (AMAZON-02) (AMAZON-02)
1	18.165.183.89 18.165.183.89	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	18.196.137.47 18.196.137.47	16509 (AMAZON-02) (AMAZON-02)
1	54.37.204.178 54.37.204.178	16276 (OVH) (OVH)
2	18.171.41.162 18.171.41.162	16509 (AMAZON-02) (AMAZON-02)
446	54

6 169.150.222.217 (Hong Kong, Hong Kong) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700:20::ac43:47bf (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.0.66 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 172.217.16.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.82 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.205.187 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 187.205.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25a2:a800:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:4e00:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.58.197.185 (Spain)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:5ae9:3b9c:4769:a477 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.230 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.86 (United States) 4 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2190:b800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.32.210.231 (France)

ASN16276 (OVH, FR)
PTR: ip231.ip-178-32-210.eu

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.91.62.186 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.141.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-141-62.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.76.149.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-149-124.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.164.72 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-164-72.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:cb40:200::242 (Germany)

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.205.163 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.143.66 (Montpellier, France)

ASN16276 (OVH, FR)

netzwerk.uppr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.201.144 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-201-144.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.103.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-78.zrh50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.183.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-89.zrh55.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.137.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-137-47.eu-central-1.compute.amazonaws.com

www.eprimo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.37.204.178 (France)

ASN16276 (OVH, FR)
PTR: 178.ip-54-37-204.eu

ht.uppr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.171.41.162 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-171-41-162.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
122	googlesyndication.com 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com	2 MB
90	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163	534 KB
57	xgcartoon.com 1 redirects www.xgcartoon.com static-a.xgcartoon.com	3 MB
40	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 csm.eu.criteo.net — Cisco Umbrella Rank: 8850 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386	238 KB
34	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29340 ad4m.at — Cisco Umbrella Rank: 11475 assets.ad4m.at — Cisco Umbrella Rank: 41583	308 KB
16	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	1 MB
13	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 410	260 KB
12	google.com www.google.com — Cisco Umbrella Rank: 2	4 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	257 KB
9	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8778 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15457	120 KB
7	w55c.net 1 redirects cti.w55c.net — Cisco Umbrella Rank: 3573 ads.w55c.net — Cisco Umbrella Rank: 13720 i.w55c.net — Cisco Umbrella Rank: 1530 pm.w55c.net — Cisco Umbrella Rank: 875	96 KB
6	adform.net 6 redirects c1.adform.net — Cisco Umbrella Rank: 583	4 KB
6	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 490 ib.adnxs.com — Cisco Umbrella Rank: 253	6 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497	3 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 843 r.turn.com — Cisco Umbrella Rank: 4167	2 KB
4	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 671	3 KB
4	rubiconproject.com 4 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 381	3 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28599 api.webgains.io — Cisco Umbrella Rank: 69568	19 KB
3	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 125344	181 B
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 625	424 B
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	705 B
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 856	2 KB
3	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 662	713 B
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	2 KB
3	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 707	1 KB
3	travelaudience.com 3 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5893	969 B
3	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	1 KB
2	eprimo.de www.eprimo.de — Cisco Umbrella Rank: 230444	3 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 412	1 KB
2	uppr.de netzwerk.uppr.de — Cisco Umbrella Rank: 241191 ht.uppr.de — Cisco Umbrella Rank: 127060	6 KB
2	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 16092	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1 KB
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 805	207 B
2	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 324838	2 KB
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 897	869 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384	15 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55633	2 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 86865	494 B
1	adcell.com t.adcell.com — Cisco Umbrella Rank: 57836	460 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	149 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 1918	199 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	45 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 13028	60 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3445	104 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 10394	469 B
446	46

	Domain	Requested by
61	pagead2.googlesyndication.com	740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net www.xgcartoon.com 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com s0.2mdn.net
51	static-a.xgcartoon.com	www.xgcartoon.com
49	tpc.googlesyndication.com	740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.xgcartoon.com 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com s0.2mdn.net
42	cm.g.doubleclick.net	6 redirects 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com googleads.g.doubleclick.net
32	securepubads.g.doubleclick.net	cdn.ampproject.org www.xgcartoon.com 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
21	static.criteo.net	ads.eu.criteo.com
16	www.googletagservices.com	740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com googleads.g.doubleclick.net
15	imageproxy.eu.criteo.net	ads.eu.criteo.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com googleads.g.doubleclick.net 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
13	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
12	www.google.com	tpc.googlesyndication.com 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com googleads.g.doubleclick.net
10	assets.ad4m.at	as.ad4m.at
10	s0.2mdn.net	www.xgcartoon.com s0.2mdn.net
10	740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com	cdn.ampproject.org
6	c1.adform.net	6 redirects
6	www.xgcartoon.com	1 redirects www.xgcartoon.com cdn.ampproject.org
4	ap.lijit.com	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	pixel.rubiconproject.com	4 redirects
4	csm.eu.criteo.net	ads.eu.criteo.com
3	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
3	rtb.openx.net	googleads.g.doubleclick.net
3	x.bidswitch.net	googleads.g.doubleclick.net
3	um.simpli.fi	3 redirects
3	s.ad.smaato.net	googleads.g.doubleclick.net
3	pr-bh.ybp.yahoo.com	3 redirects
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	secure.adnxs.com	3 redirects
3	onetag-sys.com	2 redirects
3	ads.travelaudience.com	3 redirects
3	cms.quantserve.com	1 redirects 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	rtb.nl3.eu.criteo.com	740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
3	cat.nl3.eu.criteo.com	ads.eu.criteo.com
3	ads.eu.criteo.com	740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	www.eprimo.de	netzwerk.uppr.de www.eprimo.de
2	eb2.3lift.com	2 redirects
2	www.awin1.com	1 redirects as.ad4m.at
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	r.turn.com	googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	i.w55c.net	googleads.g.doubleclick.net
2	t.hspvst.com	googleads.g.doubleclick.net
2	ads.w55c.net	googleads.g.doubleclick.net
2	cti.w55c.net	googleads.g.doubleclick.net
2	ad.doubleclick.net	www.xgcartoon.com
2	csync.loopme.me	2 redirects
2	31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ht.uppr.de	as.ad4m.at
1	ssum-sec.casalemedia.com	1 redirects
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	netzwerk.uppr.de	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	t.adcell.com	as.ad4m.at
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	pm.w55c.net	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	match.360yield.com	googleads.g.doubleclick.net
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	m.exactag.com	31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
1	dclk-match.dotomi.com	31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
446	68

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2024-01-14` - `2024-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
ads.w55c.net Amazon RSA 2048 M02	`2023-07-19` - `2024-08-16`	a year	crt.sh
*.hspvst.com Gandi RSA Domain Validation Secure Server CA 3	`2023-11-21` - `2024-12-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
netzwerk.uppr.de R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
eprimo.de Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
ht.uppr.de R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh

This page contains 60 frames:

Primary Page: https://www.xgcartoon.com/
Frame ID: 77B86A96C889BE01A88C256197A30442
Requests: 86 HTTP requests in this frame

Frame: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 2A40A12D4A6EAB4A8A94EBD7B942E3F8
Requests: 9 HTTP requests in this frame

Frame: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 1DC7E4C14DE1A3A58D3496ED156A24B8
Requests: 11 HTTP requests in this frame

Frame: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 345D6CDD0E2A826DCCDE4D4D73BDD2E3
Requests: 12 HTTP requests in this frame

Frame: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: CB66C1959E0BAC4DFEC809C9FA82CEDF
Requests: 7 HTTP requests in this frame

Frame: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: DC39EA9F456FA16BAF4DB7D033366B6B
Requests: 11 HTTP requests in this frame

Frame: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 3F10CAC4D5D4A67D6B7AF36616BDE554
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Za6k5QABXNAIu8AAAA1VI7Vy9JSelRrUXJLQ7w&u=%7CE%2FDxOxr7%2FjL0dXJsh9WWUkfDh9K3sIz8ZjyraKmxSZY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeh-9e0_zoWZIcGk1DbR3RxDJZtNkSd2Nl9qAWN4w5HcTTXVVvjvZdWDE5AkQsFM-s04nUS83gDXEIlUeeMjEYgbdjWE8aJ-2xUN8KIF8iOB4sgu5XgdQLrLpseaUAtNUCR5rS_OSqSuhHzFIU1kRicK3JV0ohlRHYQldLUQySEB3ORIOWggrHOL-dc0e9eCqD-u11W-MIPRjPriCHuVDonuMOqPkvQauTLUF32Jzc7zZJD44IWs0cE1yLEQJSndCgc1TSqxOIHuMGtCU3RUvFz_1aBiW5Wd9hBSzYQddCmBxfb7RmvSOATS2erShLKiRc_IwBWHz-8FE2PS8ZzpUBNjH1MNGzQJGOJCm6PxZN5iSkMmwD6dNr07HzO1uPYVYOl0luJnACg2DzoQvIjouZFyr1QqA5FOhnBfw1Y1UOloJiZigvIdUMNZSnlfS4sLtPmZ2cQyxtIAPJD4Mu9bFBsELTzlxBaNvy8eiV642yYW1lQkZv07Com0fK3eGYTRwot0RXboAtuZsQFdA1_ypAbyVZYVCLlvRPk9PSk8-TZIWnjcvH40PoUKOvRynK83HlKmTveRObjeHuESFZnYabUc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8l215aSuZdC5BYCA7_UPo6q1yAvJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgSDAk_Q2SBnNLjh7Y3F9SSpzETTmDkP-Ye618wRD1s5w0G29ubTuYvWeDLmKg2aT3Dl7RY0ut_pwqpi4M_qfBWzZ8uSB-i16vlrCnIKnkXEDEMJw_J5M1FLpB4NvhNg7Pju4zyCPJVBjQX_gT5HfnlQR3VprFzvRBV93hIgd5u306UFl8WdGK1mSWjUoL8bf2ETZwXFDtYWCZeYcfvdpBqOL7fvNegNEBni4l-96LYyzIktWUm05b-uDpr0JQ6zgF1CL92IPx_tVAvgnPsQaTe6mcX0h9kJ1cfNoFhpBCFqXJnM8R3SmM1olPYSlRFGF37ZzRaqbkEGlEGqaiIBOMojyLbMq3bgBAGABtLMod-Djvfv6gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9dbF3MHxgwP6CwIIAYAMAeINEwi__8XcwfGDAxUAwLsIHSNVDbnQFQGAFwE%26num%3D1%26sig%3DAOD64_3fYfigSDbX8FR-aoDjbO3gr0X8BQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 6C17459671DE2CD811A81D59CFE40E4A
Requests: 21 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Za6k5QAE9VgH_aKbAAiKmCisvmN_1Jk8yx4dFA&u=%7CE%2FDxOxr7%2FjKkXE8rAdtBHEZOZngLHgIIidlObkvIYx8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1M8xd9eNSjINIlOUU4sFEoqWllTu1Raf0MwdlBzgBaOiJgoN2qa-VEEHS00gme5E1J71zEhkLnAvXyROsqP2p5NzW6qa6UGLyANzdoO7cmgonag4wBG5FiObZ5lVKsVtMUjaU-q6JvTQRi2K-D59jSWAe9zCCC9Tp5W07skaMP6VYFB-4adU1leFNx4nqFY442Jyan8VMmbjv4BylwK1b2Q8I4nzU-8L3h8dZxbq0aZ-23SMH9WA-qlxNtTF9zXMvszGlSxpw4QtBAKjveJ0YS9dyiIzSl_d_r4ajbtHQMsieA5EUjjcSJOeD2MFYidlbXIxhamcJXkU5d5V4j1WNRgIKie2_BFEYyFtX__dAliWfmV9FRasg5iaQ7sYJnEmUfp2vYY9X9S0x5KbX4GFnn4-VuGFu3W6WYqPIDGToUONeW8lMlBNcSiW4JP3TSgs3GaLpOFupYX98KhUhZIiBdvwGn2Nn0MUcLvVEjiZOxcXpoTosdH6mF-tWRTO12ZcmGm6xwYp3yeFZzOZY8sLOHyPy1CuS6Q3zISLurIuiszCcaRdRixyS_3wza4Umk3aNP7ZDf4YZEXs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClguT5aSuZdjqE5vF9u8PmJWigAvJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpArTNAzOYRbI-4AIAqAMByAMCqgSDAk_Qqsypi3nyszoQoOg7yhHXvmMyDxQQulwgJR2-7bhb3TtjSqUHB1hLSGO0uuZN0AqV302qjSb4Oe0lqVdBfIo0lX8jegIJ3eYcUwFJA8G9OlY2h065bpRocyOUMPaqdXXzZNSslmIAX6XLtbMnr3pjA1CXyKtPwLPi9MX0RqbWhkj7N0V4iVhtyadZh-UbMcDUhU-r-T_FMA9TidaB8N7RMLbtf6R7U0yg-2OsAKpMKE-lOZQGCUaprkYYdcTnnr7cVPT2AeK8xE4BNnfLE6cwm8yQZApFsvRsLuTsSQaB05-Kg3Bkee4XzN-BJ1ZvgvFRleaVy5F5YHn_CWLhBuIQohngBAGABrCu2_a-3468nQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxNrF3MHxgwP6CwIIAYAMAeINEwjjhMbcwfGDAxWbov0HHZiKCLDQFQGAFwE%26num%3D1%26sig%3DAOD64_3S4nB2m0kJtNzlEkDHyy0Agk2OVw%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 7EF8C2015EF8FC04A1A8FE062F29056C
Requests: 10 HTTP requests in this frame

Frame: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: F56A7178D28E5C18E22B421729745CF4
Requests: 11 HTTP requests in this frame

Frame: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CBF8CA1FA99931AF5999CCA8433E6739
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 9D29E99B0E25CED7C03593A0332AF5CC
Requests: 1 HTTP requests in this frame

Frame: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 3F06774657A54C9B3B1081E229FEB2C9
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294143&bpp=250&bdt=235&idt=573&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C31080334%2C44809004%2C31080504%2C95320890%2C95321626%2C95321966%2C95322166%2C95322319%2C95322326%2C21065725&oid=2&pvsid=2422972194057826&tmod=1061803649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dok9qfjvd2b5&fsb=1&dtd=579
Frame ID: 56E1A627B1B4272C960944D97F9A459C
Requests: 1 HTTP requests in this frame

Frame: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E32943CE0883EB0531217DDDC378487D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=228266070&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294278&bpp=188&bdt=370&idt=465&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=45754261&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080533%2C44809530%2C95322182%2C95320889%2C95321627%2C95322164%2C31080557&oid=2&pvsid=3736950477463667&tmod=1824658010&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.65fr1dddswvm&fsb=1&dtd=471
Frame ID: C9C87B676DD1D5767FDF22703447BEB9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046727&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294179&bpp=253&bdt=263&idt=586&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080443%2C31080591%2C44809004%2C31080504%2C95321963%2C95320890%2C95321627%2C95322165%2C95322325&oid=2&pvsid=798554487245127&tmod=1786190092&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.84ackw6m3jqq&fsb=1&dtd=591
Frame ID: 2C5C4D46351639C4B7B95407016B2926
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A66541076B231A66BE0FA8BB31555539
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C757E8C85E07A836A9301D85A7B42A86
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQt9LfAhif7sOAAjAB&v=APEucNU5r6-mj9E3QqEXtdDvzv4_fcPaHOgdCu-qJCqDHZnMTGCq8gRvpor6gLS4jz3iLh3YgbHo6zwu5jcu0CACk3U0syy5bKuzgj7gCMAZATol1derIvLjccjOmRl5m-2jZiGUlIVV3mKMiTO3BRXVnsAjTdlzIKUhFCV76HORulS0oPgS6kg
Frame ID: 638F09CD0A2E35724B1A870F7B9C4AC6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 58E7457066B28E45C6136BA8A1147384
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 41F569BAD4E364A21C4F39E5319D7AB4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046725&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294638&bpp=155&bdt=140&idt=351&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C44809531%2C31080505%2C95321958%2C95320869%2C95321626%2C95322163&oid=2&pvsid=2447506523472180&tmod=8997992&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.h682mv4gzvku&fsb=1&dtd=357
Frame ID: 54C0D0402A94E2BCA58ADD0E97810337
Requests: 1 HTTP requests in this frame

Frame: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: F08B67C682A70B5EB0ECC5E366A793C0
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495
Frame ID: E145AAA64E6CD7DF285CC50F2FC9C089
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250
Frame ID: C8F33802E71F461C6D016AA027033428
Requests: 13 HTTP requests in this frame

Frame: https://cti.w55c.net/ct/creative_add_on.js?w=300&h=50&zindex=0&ci=Xm5m1vekkx&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxMDA5Ng&fiu=WG1KVFAyNDVlMA&s=https%3A%2F%2Fwww.xgcartoon.com&ciu=XRAYbd1MgU&btid=NzlCMUI2NUJENUQyQTE1OEZDQUVDQTZBMTNDRjA1REZ8R0ZOUjh2UHUxcnwxNzA1OTQ0Mjk0OTYxfDF8WG1KVFAyNDVlMHxYUkFZYmQxTWdVfDM0NjkwODc2M19FWHwyNTcxNHx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=xgcartoon.com&cip=1&uidu=CAESEBtxA-D3p6bdgLIhzXDeN3s&spidu=GOOGLE&pidu=10096&hmpvu=be53bdf2-3adc-4150-93f8-ed237510a287&hmtsu=3&odtu=2&mtfu=1&crdmu=300x50&cridu=XRAYbd1MgU&
Frame ID: D4D96047A549577E8F787AE12B4868EB
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jse48w4jcg4dfs1ehbt07883vwzr5b2n0mt0s50mrexkqz963tt5caj4frm5ey8dscknktyve08a8hbxpjwyw8kg2h1bxj2t4szqrf4fwq1rpmay1prsm2296v7y4f50rxqmjptpqxfc0c493ygdjy6rqqe4n61cm4r5pnh6zhmxw6pf3eqeyfw14e9pgjdbhx9kezp2pw07aaqvbm0tsmexrsh18c9ns5vp3bandpqxmbm3ea51ynyytz9g9w538bpd6nkefqg3dmn9r0dq7p159fwdc6m19zd83bkayd03vbstfsz9pfzekb134g5vak83rb2zdbpybspvam84n55yjp07sb5hqfhp3wvnetsxaqnhqrk5ha2n7vwzf7rm3r9hjvp31pyhtvch9vzgqhhdntny60pek9g9yq1tdpcf3mmvwcz9d82h9v2b3t0jtrn2922g4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 4EA0555ACC498F6300CABBD60408BBCA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 84EDD8CA14D2BBAC5D2CCAD05983C2AD
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Za6k5gANOK0GdhVPAAGxSshV6gLGAewU0puOWA&u=%7CKD4fj3fCKrovanf%2FSaPdi%2FYCOBlyoPOEGGFgIgYW0mo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98Df6ZxgfN0MfsbFbpogtsw4cc9fkRv0l-LqqcsUBwxbAAHWhEQHHWYknVLReovlKoJzN0kHz2v5aOH4o3clkjTaZOH3gfdh-Agc7IPrlhiXB6_-y6CNPYhiaTE-_AxCrv7deyxxyOuscnc3_ddZ-aCUHU1_XGIVLsfYaxhOOj5vlPTqFtK9K9VXVaD_3uagSG3sev49QzUPH2Dnga2PKGtT60At2eZeNTVZnBho8KLprTo4fglaKvqgvWDnA1xDGmNa09AW3tPKjsDTEWD3gM-eNTd-RGgcBDRODbQPjfSI7YRCBGK2RF9gLqs-dUCjERjpmA2LHcAWTf6nKwCmmOtMDfZf0Ftodep-fKUzvPWiW98qughkaMk8dr9Js28aKfhdcBOuc5K9gNEul_6AUd_ZLxbZ2iRaQf6cCV6HGET-vU_JYmdWc01X0Y3S7u9Wagi7gh8g0PdlfLka5hdlMuRYntKsSUR4yduBlmhDxDNsSadJ0Pqi8G4cXLheizD9h8xZvAEx2v0NCRQkNKVG28hCRJ60J061HTIyYkYid1JCa2WfxDirDfhhUtdp74O0rl6kerNDvDiBLOc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDJDO5qSuZa3xNM-q2OMPyuKG8A_JntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpArTNAzOYRbI-qAMByAMCqgTMAU_QIg4ETKDbuAH2kRWbvvtXQuPjwXQify7RtfvmkTIGd703m4NfqYyBZ0stTMLezv8VlCwokf7LTaShsQUxHDc4UXIqdJ0uXfKOplv__6tj_9Ldp3TMVWcGna2WBDtsqqwMVpp5jJRPGd76nS2RYp6HwgB_pb7aObQkpTADbGSHxG7uYyWPkMDa8_ZxOk4j3k19FabeUdmhej_bxO0mf5KEUiZr8h28E7W5uuJ2NXe6xTPLbxMi01vbX11DLL5zO1SWmWndLrTnuFAKL4AG0syh34OO9-_qAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5h8rdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pOD_Z74mOBxoAqhUYtHvfzxc2Ew%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 801C5BAF184B89887EBB55F3D06F271A
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7634077452E8CBF9210A218E2CEC79A2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F78E09D48738C951AB8E526FF4AB0750
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kaqpxqa535va8f9h53e4x0s1zt11fh9c63xx99738mnqt3tt9abjezvjmr2eecbxwks80mqshs0gek6h4pztrqq97vacd6qw0s5812n8y2feacc1q56g0rkfg07svcb61hv9gf4qds5m5k4r2gknfvkgn0a7sas8zewt4d02yd31enet1qwgnn7hqwdxfna71fa9zb0wn2gyrbvbrhc9mp3q6vbrbxtdv0m5t7qnsbnypa79chqnkcwdg65jtdj89jr4n6w9ke1dxvq4cdesdebr2fegajy7t6v15yvheswjpccjpvy3hq5nwbhnhrbd27hq6rak95xsab9avh7y4gtm9vv8kp7saq7kx5rm1hbp3dbtfph3f2zvzc9s71gfykkrj6pw64q0c9p14c3q3n0csf5hjdpza92w4hgz6h7gcdekqkj31xzgby06sezbnqthm7m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: B879F34DD0AC3BD3FF8DAB2BC4529A9B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Frame ID: D5B649F4A859FE9B4F1256C2AB705036
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 051F58799CD15FAEA4B01ABFDA3090BD
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 35EF4890326B9FF34CB8070570EB9A85
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gcgv3bbbq96xx9t4t1mbvg56cc3w5sq0whq40m6qh2d3j768c3tm42jsts20gqfct4jgmb21dzq5fdmjk1qabrmgt5a34mnk2qjbwe8mv043cma6mwctsnet50kxrx6negdbv2ca6x3dab5v3k745w0x5yj495d23cgt5g104xnk1bfqzpv73fa568nbzf94wcxdwn1gvc9zqdkwkjghs2qb5j0qypv3mwzwq15rp6xech8ha05dgkqxk5fd5h8q2237t74q38kyph3w623fcvz4fdbjgng3hpfg29egap659w3c01915690eaht4xt2xxrj7z9vf8xkwd8vhgb127dfhbs6qbxa8t1t2fxhf9wn0ny8r307qjj7ctjs48z9677ejvwwb6xx2ehp52fs363bp9rhnxj712mcxemq11yzecd37vdm42f47kyw3qfm8rnff66&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: D3DABF8D21513AFC801B5788B92B2CFD
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js
Frame ID: 33971B8AD3FD394F2DE4BFBB9E7887F3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 78C6A543B84CCE93080CD6BD7B0BB89C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373
Frame ID: 39650FD92996E31ADCF4C9ACBAEB8162
Requests: 11 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: D13217409F3D4CF57F2E5E588286EE1C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 81468F256E05C4D62884122DF92D26D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 997D61C1760BEC9D5ED3FB55DF74E8D2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32BA1685734A7DDACF9BF543323D2AB7
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 2504B6B5AB2785335E22811A41B95476
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FAF510D67E54FF3B5B695D507CFB0A5D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5756E892CE9745BA937E6BF41AE61C91
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 1A95425EA4A2A71FB9F475F68C12A51A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=300&d=50&e=&g=4236919d0fe064802313eda6aa248b3c%2F3756930811364068977&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295748&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzfsn4hex4gd46jr363bd6pn63dhmwkvj1ttqxnnt8g40h07tmgp1wj1xd77x1wb2qn4x4ptnjvztxwhkm1qg2t820xv5cxj48kh9gndsxevegeze0jdarg2gpqrcs1rea84ynffzd0vdnqe28gm9jpek5xcknxj76s6m8sep9knnksr84f6jk75cfqmw8c241na7ad56wfzhy0141ndt6x11bs2aed20jbtmkagy6vg48hjg4fh0zybdrtczdjbn275ys0e1f756fgy8k095je%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: B282373A9393EE16136446F85754BA4C
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19769&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=300&d=50&e=&g=faf03f9df1347a56236bd346e5b43724%2F6460212238187733943&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295775&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gandr6f7015qkty9h1zwtavr7tx4vrbh225c5m50f5zpnqyechf63cj7t45pg1sxdmxvaad7xg3j40ebe11pbg674a20xm3m6ks9vxh0r1v54r7cdhfy4dq9qh0d4xwqaa9ds2fptm6pmmwx5ahb3zrkrz614j2snjrtvvzegr6hjv6kawyxw3q2d9fr85zz67pm376hedsrtde7hpsqpekfvvmyqk6damv0tj6d1xc0yw7r4a9stww82wvscv2m8cf2fjdc5m50jyznadqw2vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: BE3234ECBC8E29544CA31AA22FE701AD
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C2BE90A9B133C423BAEAA40D861F0CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 95B61D9AC020825DE6E8674298CFDD2C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 00AC8EF36FFFEE2659A4EAB4EEF2558D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91F53AE8DDB115DCC0DB2724481E8241
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E15AE55EBBB606BEABB4F75B4FDB4535
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 881A1826C86777B81CB83CFB9CBB5C0F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 646EDDFBC22759E1D37B78B6CCB2B4B3
Requests: 9 HTTP requests in this frame

Frame: https://www.eprimo.de/postview?hp=8000001991&pvid=65aea4e8141e30d18a34f733&gdpr=0&gdpr_consent=&gdpr_pd=0
Frame ID: 536715072F3F4682DE2B29DB524D13A3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9A4695BF8A1F31840E491FDE9A8D0295
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 94AAAABA69BDA693BB97FE513EF03CF3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍉西瓜卡通

Page URL History Show full URLs

http://www.xgcartoon.com/ HTTP 301
https://www.xgcartoon.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

446
Requests

92 %
HTTPS

46 %
IPv6

46
Domains

68
Subdomains

54
IPs

11
Countries

7748 kB
Transfer

16012 kB
Size

41
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/
Title: 简

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.xgcartoon.com/ HTTP 301
https://www.xgcartoon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 196

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHpNzq7tR1aCQOqJuFgk1oc&google_cver=1&google_push=AXcoOmR9GPoH_wC20af5GgO5sQWhIidQmPhCtb3znpdPn9ou5fIHOCBM5sEgPiDpPQVAJt_9aSBmKn4yih3HQsyoN41MBetae27RGQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmR9GPoH_wC20af5GgO5sQWhIidQmPhCtb3znpdPn9ou5fIHOCBM5sEgPiDpPQVAJt_9aSBmKn4yih3HQsyoN41MBetae27RGQ

Request Chain 197

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOr2ik-KfuQ3KKPGc6XLn8s&google_cver=1&google_push=AXcoOmQmBjPJJxrVKAZz_FqdgaEJa2FRWaDr2ynT1vjTZyA5ISc2PLX1dR_BlmGkzu_QT7ZCzXCATNehzGC86kddJMdzl7Ja_fnP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRRk8tSy01VTky&google_push=AXcoOmQmBjPJJxrVKAZz_FqdgaEJa2FRWaDr2ynT1vjTZyA5ISc2PLX1dR_BlmGkzu_QT7ZCzXCATNehzGC86kddJMdzl7Ja_fnP

Request Chain 198

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMe6B575U3VPEJOVjcPIfAM&google_cver=1&google_push=AXcoOmQ9EiBS7ewdT7k101IngttVlIFt1qdOQHHYSdRsexI22LngRl-MrelrBzYSQ5P6WlQ0oWTnsKMC6elGT-9vEAl_BDp3iTXEdg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ9EiBS7ewdT7k101IngttVlIFt1qdOQHHYSdRsexI22LngRl-MrelrBzYSQ5P6WlQ0oWTnsKMC6elGT-9vEAl_BDp3iTXEdg

Request Chain 199

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSs4r9WtjY7aa3kU_UQ34qxb68AMY9g1vR5WsB69sAOhID_hNd8m3DHLzk_0uTU7O4xr-z7xXpbDE8wLvWuayRb6aodhJXsIu8 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEDie4GL3WDyBi0zOKwEtRFw%26google_cver%3D1%26google_push%3DAXcoOmSs4r9WtjY7aa3kU_UQ34qxb68AMY9g1vR5WsB69sAOhID_hNd8m3DHLzk_0uTU7O4xr-z7xXpbDE8wLvWuayRb6aodhJXsIu8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSs4r9WtjY7aa3kU_UQ34qxb68AMY9g1vR5WsB69sAOhID_hNd8m3DHLzk_0uTU7O4xr-z7xXpbDE8wLvWuayRb6aodhJXsIu8

Request Chain 200

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEFUARBJcL0MWye6eew1R3y4&google_cver=1&google_push=AXcoOmSnn7MkegxLy5qUBrNi6TilKZCdAxHhT5E8KLmWdTK4-n3Y9iOMLWRfCjU3t7MhJucpoBQIH94FC5fVZS_w6CIxCJZgAH-s2ws HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=635d1957-318b-4352-b3b3-651b5a65c707&google_cver=1&google_gid=CAESEFUARBJcL0MWye6eew1R3y4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSnn7MkegxLy5qUBrNi6TilKZCdAxHhT5E8KLmWdTK4-n3Y9iOMLWRfCjU3t7MhJucpoBQIH94FC5fVZS_w6CIxCJZgAH-s2ws&gdpr=${GDPR}

Request Chain 204

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5i18Ynk8Ktwwgb46b6X-U&google_cver=1

Request Chain 205

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za6k5sWz.7988uYhe8qJJQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5i18Ynk8Ktwwgb46b6X-U&google_cver=1&google_hm=2

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAogiu6Z0JZ1-9pM7MdyUZg&google_cver=1

Request Chain 207

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D

Request Chain 248

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBpLP9V3_pk24LVISAkR7Fc&google_cver=1&google_push=AXcoOmSECoV2tWdrx6op9zmPdad3JGYkczV_RabvEojgP2ydRaLUE-5Od12JXMPZZrv35lJ0qYngYANS6MJm6pKyNTj9FE-_cUOtjOQcxC4YmooCNxyDHsNRcDyDpRZM8UcHMZLqsHx46KQ6LexRXKuTQkmu HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSECoV2tWdrx6op9zmPdad3JGYkczV_RabvEojgP2ydRaLUE-5Od12JXMPZZrv35lJ0qYngYANS6MJm6pKyNTj9FE-_cUOtjOQcxC4YmooCNxyDHsNRcDyDpRZM8UcHMZLqsHx46KQ6LexRXKuTQkmu&google_hm=RWwzj22snwSJ7cz9ntptMw

Request Chain 249

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHpNzq7tR1aCQOqJuFgk1oc&google_cver=1&google_push=AXcoOmSJ7xARPMHFO-2cSqTtiyhxZr8DkPSaoL8TeNCdaswZLe4eN_m010yxZV2TmtayI-pUGdgGqAjrXMIk39BjdS-mldH2aMBTJ7h9l8wldTdRQk1xsZI0Ry0Wh-Zdt9jzxOLe_23VDX_2DNtCfuPRdLk HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmSJ7xARPMHFO-2cSqTtiyhxZr8DkPSaoL8TeNCdaswZLe4eN_m010yxZV2TmtayI-pUGdgGqAjrXMIk39BjdS-mldH2aMBTJ7h9l8wldTdRQk1xsZI0Ry0Wh-Zdt9jzxOLe_23VDX_2DNtCfuPRdLk

Request Chain 250

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELTVjcqFzuf5vwMqRTT79ro&google_cver=1&google_push=AXcoOmTmbkSen2g8Rd27KpGzc-7pFlgUCNabE-V0m7sn2EtNRCHZYfdKt8-21Who0yBiDk0jx7TVeR4f13QXtvWsZUIZs-N6VP_lDnFstawF0ULRUZF-A4CiKZxQ2-Ci9nfRIsix-qAT1POneYegSYKRq5y3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmbkSen2g8Rd27KpGzc-7pFlgUCNabE-V0m7sn2EtNRCHZYfdKt8-21Who0yBiDk0jx7TVeR4f13QXtvWsZUIZs-N6VP_lDnFstawF0ULRUZF-A4CiKZxQ2-Ci9nfRIsix-qAT1POneYegSYKRq5y3&google_hm=eS1BMHl1d3dCRTJwRlNBT1JndGRSdFRJZEhuc3NySGZtNX5B

Request Chain 251

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmRE_XF97Zkp8dpxt5l0HKItsbkqYz-fK8N8f0NEugrhWXepxYp3MpZvYXW28XnXZmRKHvCzu7VgBw_0lZvRWCb6WbkFoef-yhLS-7XtN-agkRmIOFnFQ-8B2ZwuNVIWsj_duZZyrD5ksrDp__1sx9g HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmRE_XF97Zkp8dpxt5l0HKItsbkqYz-fK8N8f0NEugrhWXepxYp3MpZvYXW28XnXZmRKHvCzu7VgBw_0lZvRWCb6WbkFoef-yhLS-7XtN-agkRmIOFnFQ-8B2ZwuNVIWsj_duZZyrD5ksrDp__1sx9g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmRE_XF97Zkp8dpxt5l0HKItsbkqYz-fK8N8f0NEugrhWXepxYp3MpZvYXW28XnXZmRKHvCzu7VgBw_0lZvRWCb6WbkFoef-yhLS-7XtN-agkRmIOFnFQ-8B2ZwuNVIWsj_duZZyrD5ksrDp__1sx9g

Request Chain 252

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5JFHnZYVDRzs_ckjRLtrE&google_cver=1&google_push=AXcoOmTaFdGf7wSqzI6BaiJbfsy7R_XiGXfkFp6tCAjn6apQla3Z0Vm3ne-k_iWbEY_dvYrQZkI_k913jTyrih5vrIXGfqdv01w4Esw8UctXdQqlORAO9tS5b8kbRdwDG_6eZNZSOyZgsZYb9291t789_mQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5JFHnZYVDRzs_ckjRLtrE&google_cver=1&google_push=AXcoOmTaFdGf7wSqzI6BaiJbfsy7R_XiGXfkFp6tCAjn6apQla3Z0Vm3ne-k_iWbEY_dvYrQZkI_k913jTyrih5vrIXGfqdv01w4Esw8UctXdQqlORAO9tS5b8kbRdwDG_6eZNZSOyZgsZYb9291t789_mQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTaFdGf7wSqzI6BaiJbfsy7R_XiGXfkFp6tCAjn6apQla3Z0Vm3ne-k_iWbEY_dvYrQZkI_k913jTyrih5vrIXGfqdv01w4Esw8UctXdQqlORAO9tS5b8kbRdwDG_6eZNZSOyZgsZYb9291t789_mQ&google_hm=ICPUsGZHfnjSXUhtQc2vAEnm

Request Chain 256

https://um.simpli.fi/gp_match?google_gid=CAESEKQTrt8oT-lvbn_uswhF0BA&google_cver=1&google_push=AXcoOmS6AxDGRhfnM_mpTcNIH7_16ch_gVDJ2rbiRKYWTb1cBMxtm-vZJj4K2SsY-UuRxdHJtzPDvbxBLcBevfDwd28ubv_6yBvpHXVJMMclvoJLpG6Go33u55r-q6lznaHw2qb4PdjJ0iLdkk0T-_rmO_6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=525F9BAA7F7C47598A032459F522CF59&google_push=AXcoOmS6AxDGRhfnM_mpTcNIH7_16ch_gVDJ2rbiRKYWTb1cBMxtm-vZJj4K2SsY-UuRxdHJtzPDvbxBLcBevfDwd28ubv_6yBvpHXVJMMclvoJLpG6Go33u55r-q6lznaHw2qb4PdjJ0iLdkk0T-_rmO_6A

Request Chain 257

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELTVjcqFzuf5vwMqRTT79ro&google_cver=1&google_push=AXcoOmSYUtB-Ew2c0hd9tQTM7sarOdSQuO39w_Bl0OTqTBDC-F3C9U_LLQJzVQtsRVVL2Hgl8vLkYZ72zYqI_9Y43Sb_nmi9O4-og4ukbDmey5miHyuXDh2yHIbQfL_7FppdiIrGtUXqdEy7WIsa_qJaw5S_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSYUtB-Ew2c0hd9tQTM7sarOdSQuO39w_Bl0OTqTBDC-F3C9U_LLQJzVQtsRVVL2Hgl8vLkYZ72zYqI_9Y43Sb_nmi9O4-og4ukbDmey5miHyuXDh2yHIbQfL_7FppdiIrGtUXqdEy7WIsa_qJaw5S_&google_hm=eS1mMW9Ca2NSRTJwRXRFc2dYWHpRcG05cHA0Y2tBZ1NSMn5B

Request Chain 258

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmT93hB06-6KfnY8aKDMvj9A8pBEV2SgHSJNwq8mNnAKV3iuHjMAtqPdFkWiYEF8t-6FaD7c2F0pypHQSYKuVVSN_a9LhZZBrL2Xx22cmtTtuDpm1norWkvhkHsnNRSn2bsjcsblg_vAbXDZZjUhr9jO HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmT93hB06-6KfnY8aKDMvj9A8pBEV2SgHSJNwq8mNnAKV3iuHjMAtqPdFkWiYEF8t-6FaD7c2F0pypHQSYKuVVSN_a9LhZZBrL2Xx22cmtTtuDpm1norWkvhkHsnNRSn2bsjcsblg_vAbXDZZjUhr9jO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTcyNzQ4MjczNjk4NjYyMjU4OQ&google_push=AXcoOmT93hB06-6KfnY8aKDMvj9A8pBEV2SgHSJNwq8mNnAKV3iuHjMAtqPdFkWiYEF8t-6FaD7c2F0pypHQSYKuVVSN_a9LhZZBrL2Xx22cmtTtuDpm1norWkvhkHsnNRSn2bsjcsblg_vAbXDZZjUhr9jO

Request Chain 259

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOr2ik-KfuQ3KKPGc6XLn8s&google_cver=1&google_push=AXcoOmTMIW1tUp-PoDfco5uesKPBfITy3x5Hf9nYE0vZmrG2pTn-JmVrd4kmKFL6UJrTr-1e9jFlQk0q814Ti5buZoMM1iB0m_RE7eoQRg1KYm3EHeQGH_Mroo2jSbL3KXKu1O-4yPA-K3B1HnXVXQvjsCc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRUFQtMVktSkxMQQ==&google_push=AXcoOmTMIW1tUp-PoDfco5uesKPBfITy3x5Hf9nYE0vZmrG2pTn-JmVrd4kmKFL6UJrTr-1e9jFlQk0q814Ti5buZoMM1iB0m_RE7eoQRg1KYm3EHeQGH_Mroo2jSbL3KXKu1O-4yPA-K3B1HnXVXQvjsCc

Request Chain 260

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5JFHnZYVDRzs_ckjRLtrE&google_cver=1&google_push=AXcoOmT5B3tBXdkql8UjUtyQXypTFmBJwlvJ5YtPz1IBxZ731FrsHb5PqieeQe-abKCL4o9Pf9yoMmSFPAo9gjlt2P_IxsIiHY7HTxBPUGukreyy6oz0s-dY8z5CmkbIB8WBe67OycN8ILyZNYqmQt4gxE04 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5JFHnZYVDRzs_ckjRLtrE&google_cver=1&google_push=AXcoOmT5B3tBXdkql8UjUtyQXypTFmBJwlvJ5YtPz1IBxZ731FrsHb5PqieeQe-abKCL4o9Pf9yoMmSFPAo9gjlt2P_IxsIiHY7HTxBPUGukreyy6oz0s-dY8z5CmkbIB8WBe67OycN8ILyZNYqmQt4gxE04&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT5B3tBXdkql8UjUtyQXypTFmBJwlvJ5YtPz1IBxZ731FrsHb5PqieeQe-abKCL4o9Pf9yoMmSFPAo9gjlt2P_IxsIiHY7HTxBPUGukreyy6oz0s-dY8z5CmkbIB8WBe67OycN8ILyZNYqmQt4gxE04&google_hm=ICPUsGZHfnjSXUhtQc2vAEnm

Request Chain 284

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1&google_push=AXcoOmTvnru0pZehmsNJa1ZfbknS2afaOS9-BVVUUpI7ed2wl25kZgV0vESazv2FK3497QeVoGJl1UPFJ-5aYMS70kYKEZwIFP7d59x89gw3AGO7D_DcqPvKPx7XmYkmrOQ0yyNrWnFdVtuaCl6kNZGGEMce HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE3MDA0MTM3NjAyMjM0ODY0Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1

Request Chain 285

https://um.simpli.fi/gp_match?google_gid=CAESEKQTrt8oT-lvbn_uswhF0BA&google_cver=1&google_push=AXcoOmRc1Mgijp7ANxT8ijBMvJT2oYcGAzMOXFMPERHGbsXCPAVBqFY_M8_EHNvEM9exBEIvfGo0hk3J9_4YSpzCAAso_54tnmSZj_iT5-tKqjTRq2R_stAujHe69cn4im__iZptSYfWAqhV8mrqN8yLNWE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAC58519139E48E396CCEA28229A73B9&google_push=AXcoOmRc1Mgijp7ANxT8ijBMvJT2oYcGAzMOXFMPERHGbsXCPAVBqFY_M8_EHNvEM9exBEIvfGo0hk3J9_4YSpzCAAso_54tnmSZj_iT5-tKqjTRq2R_stAujHe69cn4im__iZptSYfWAqhV8mrqN8yLNWE

Request Chain 289

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOr2ik-KfuQ3KKPGc6XLn8s&google_cver=1&google_push=AXcoOmSwzicmYbs5AkUxwuUggf1m0RO-E7O9XjTnH3pxS8lf03DW2hjOYkQ8DlugpFnAYQx0cabG-17kThljAQdsRkqd2XD0YDsi5nVbbWXmUVdmxeh7qebD2gcjoqPP_k_sSNGuWwzd0ShWPo7MFqROZHbc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRUzYtVS1aOUY=&google_push=AXcoOmSwzicmYbs5AkUxwuUggf1m0RO-E7O9XjTnH3pxS8lf03DW2hjOYkQ8DlugpFnAYQx0cabG-17kThljAQdsRkqd2XD0YDsi5nVbbWXmUVdmxeh7qebD2gcjoqPP_k_sSNGuWwzd0ShWPo7MFqROZHbc

Request Chain 290

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSv6FCPMkk4nVwzc4aj3mA-LFk3pew6zr9os1ddb0rVX55Q6-tGxoFCZ442Md-SVAHvVgn1GkSvTtCTpEzP9nNisBayxygiFdjCgvgLQ6ZBg9Nz6qAFBPK7zKErcHYSGLO3b-_5t81nJdDRnnou7RjGvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSv6FCPMkk4nVwzc4aj3mA-LFk3pew6zr9os1ddb0rVX55Q6-tGxoFCZ442Md-SVAHvVgn1GkSvTtCTpEzP9nNisBayxygiFdjCgvgLQ6ZBg9Nz6qAFBPK7zKErcHYSGLO3b-_5t81nJdDRnnou7RjGvw

Request Chain 318

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1&google_push=AXcoOmQ04zF-sbiTL-HvhmGpaLBwYhpPfpDnA8cCWxT2v2ckqE9hT9ob29HorIlStJUxD-FzbaisQfQS_5hgntW44X1yg03317zSdYKmbp5NE_HQ_uzZb7bQXJ72dHYXoY2mHvuNcJNwY_wf5sGJmLvcAchp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE3MDA0MTM3NjAyMjM0ODY0Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1

Request Chain 319

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBtxA-D3p6bdgLIhzXDeN3s&google_cver=1&google_push=AXcoOmQRD0VW_bZ1pjp2QP45xaN-NAy7hYcpr7hZRuyF-k7wSvZSOJ8KHBLYSlZgUjySqZODDNkimSHt2J5UE1CpJEq1FYmeyu6OHcmwvcenvGRbHzTANpLj7i3gDR_XlJTWiEiTy1xCXgK7UQRHD6fGLT1- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UFJZekFveWcxUnJZMno1&google_gid=CAESEBtxA-D3p6bdgLIhzXDeN3s&google_cver=1&google_push=AXcoOmQRD0VW_bZ1pjp2QP45xaN-NAy7hYcpr7hZRuyF-k7wSvZSOJ8KHBLYSlZgUjySqZODDNkimSHt2J5UE1CpJEq1FYmeyu6OHcmwvcenvGRbHzTANpLj7i3gDR_XlJTWiEiTy1xCXgK7UQRHD6fGLT1-

Request Chain 320

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHpNzq7tR1aCQOqJuFgk1oc&google_cver=1&google_push=AXcoOmTCM15CXe4i-6zBTt4bTOWfaDGn747uYyA8Rl9rN13L9uaf59L6AxRmaxKZMUWD3UVeZR1uFk9o7NnKLYJFhGFSKc3qzbyrKpnIwZdFroUeTBPsZeAycVcHjqR17Y8bivw4PuirW7zqzHMn74s0TjQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmTCM15CXe4i-6zBTt4bTOWfaDGn747uYyA8Rl9rN13L9uaf59L6AxRmaxKZMUWD3UVeZR1uFk9o7NnKLYJFhGFSKc3qzbyrKpnIwZdFroUeTBPsZeAycVcHjqR17Y8bivw4PuirW7zqzHMn74s0TjQ

Request Chain 321

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmT4apPNaZPMlfUFokCu8nGFmO89NI9-HOe_xA0bhgPRB6KfV22lq7d90phHUDriKg8uiztPaWDm6iDm76GhfIfNwZ3OdPKL9tpIh7S0W-gu13JBh-oZ8dr0DJjYVSNTxAWd-S0WFzJcHbs30oryu-d3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmT4apPNaZPMlfUFokCu8nGFmO89NI9-HOe_xA0bhgPRB6KfV22lq7d90phHUDriKg8uiztPaWDm6iDm76GhfIfNwZ3OdPKL9tpIh7S0W-gu13JBh-oZ8dr0DJjYVSNTxAWd-S0WFzJcHbs30oryu-d3

Request Chain 324

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEFUARBJcL0MWye6eew1R3y4&google_cver=1&google_push=AXcoOmSx5xXpIeplE3aDncUh5q9yLl09fH4OfvVJsztRTv_VHPGcUnF_YQq7j2PJPQAyv13oXshZL0GPqeM-5uDAQ3rE-eptYIAO0qeUNnDUSGblksSH2jMkGNFaGF_SFPA2vMG2pGXXA8qLtGIyT52_hVD9mw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=635d1957-318b-4352-b3b3-651b5a65c707&google_cver=1&google_gid=CAESEFUARBJcL0MWye6eew1R3y4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSx5xXpIeplE3aDncUh5q9yLl09fH4OfvVJsztRTv_VHPGcUnF_YQq7j2PJPQAyv13oXshZL0GPqeM-5uDAQ3rE-eptYIAO0qeUNnDUSGblksSH2jMkGNFaGF_SFPA2vMG2pGXXA8qLtGIyT52_hVD9mw&gdpr=${GDPR}

Request Chain 329

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOYDH9GirIitN1e48wFhuto&google_cver=1&google_push=AXcoOmS6MmshRXQXbwSSpDqxgjjohbKRSyFEgj0ZMcLwazRW7n-J76hxQJapOQNkTDkg1ugNRnJM6QW8Mr9mby9BcPulBatSjkmruOYiUxeNB1fLrIGMU88V_EqYxTf8et-nU-BfpSgyhydhDrrlIzCxwkp2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS6MmshRXQXbwSSpDqxgjjohbKRSyFEgj0ZMcLwazRW7n-J76hxQJapOQNkTDkg1ugNRnJM6QW8Mr9mby9BcPulBatSjkmruOYiUxeNB1fLrIGMU88V_EqYxTf8et-nU-BfpSgyhydhDrrlIzCxwkp2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOYDH9GirIitN1e48wFhuto&google_cver=1&google_push=AXcoOmS6MmshRXQXbwSSpDqxgjjohbKRSyFEgj0ZMcLwazRW7n-J76hxQJapOQNkTDkg1ugNRnJM6QW8Mr9mby9BcPulBatSjkmruOYiUxeNB1fLrIGMU88V_EqYxTf8et-nU-BfpSgyhydhDrrlIzCxwkp2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS6MmshRXQXbwSSpDqxgjjohbKRSyFEgj0ZMcLwazRW7n-J76hxQJapOQNkTDkg1ugNRnJM6QW8Mr9mby9BcPulBatSjkmruOYiUxeNB1fLrIGMU88V_EqYxTf8et-nU-BfpSgyhydhDrrlIzCxwkp2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 331

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmQ2lN266u8bwZvl-h9khG_S4Pye0W4m77619A4R3v_52s7KM7wfP1D6VMAzOLOKck3MDI76o2-HK4WTPegAAF_iP59AfUy0lcIs2XZ9tYC8tRiR6Y4vU-7_EGeZDueKp46ojjsiWeQFA0w3dt_SIMi2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmQ2lN266u8bwZvl-h9khG_S4Pye0W4m77619A4R3v_52s7KM7wfP1D6VMAzOLOKck3MDI76o2-HK4WTPegAAF_iP59AfUy0lcIs2XZ9tYC8tRiR6Y4vU-7_EGeZDueKp46ojjsiWeQFA0w3dt_SIMi2

Request Chain 333

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOr2ik-KfuQ3KKPGc6XLn8s&google_cver=1&google_push=AXcoOmTGTDcr6U3KmvJbLJiNlrTRAKoM57VbT1feIxJvsLIS87iHBnjzTMTbZXsEYL7IvPgqF91NHsV4tc39gYWgUCYyGVDFAzDCWVcJQ3WGBAMzMe3hMkqkj4FPNTlo5OyUU1Z_AzNxRdn5XB54D113gE1k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRV0UtMU4tTDZDNg==&google_push=AXcoOmTGTDcr6U3KmvJbLJiNlrTRAKoM57VbT1feIxJvsLIS87iHBnjzTMTbZXsEYL7IvPgqF91NHsV4tc39gYWgUCYyGVDFAzDCWVcJQ3WGBAMzMe3hMkqkj4FPNTlo5OyUU1Z_AzNxRdn5XB54D113gE1k

Request Chain 376

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1705944295_29280b41-b94b-11ee-9c4b-223173d2bc6e&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 419

https://um.simpli.fi/gp_match?google_gid=CAESEKQTrt8oT-lvbn_uswhF0BA&google_cver=1&google_push=AXcoOmRlGelFocHjDxR2slFN9dcIVLNWF0kzwW6eMT8v7xHACyclyFLivCRLDEJhY31fAEPDFkv8fzW3E-Q0lH5pEOKST3LzDLuoNPDn5yxI7aW2RZfCsk3H3cYgOro62AR1tWFaeyxoiNUTa4IwUCrjKP4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAC58519139E48E396CCEA28229A73B9&google_push=AXcoOmRlGelFocHjDxR2slFN9dcIVLNWF0kzwW6eMT8v7xHACyclyFLivCRLDEJhY31fAEPDFkv8fzW3E-Q0lH5pEOKST3LzDLuoNPDn5yxI7aW2RZfCsk3H3cYgOro62AR1tWFaeyxoiNUTa4IwUCrjKP4

Request Chain 420

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELTVjcqFzuf5vwMqRTT79ro&google_cver=1&google_push=AXcoOmQTa7jGw-uUYbp_0Yrnnz8nRo2_cs1AhY95osSVuSss3i6-nTk4Ds0cV846is0uQe6ovTK01YTrm_IQoTyhtl2sZ75clwvS9aDyyXlIz2BY_cuvSfgkZy42SWFUPVgLBsvEk03ghTE_Ue8QPWcT8RH0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQTa7jGw-uUYbp_0Yrnnz8nRo2_cs1AhY95osSVuSss3i6-nTk4Ds0cV846is0uQe6ovTK01YTrm_IQoTyhtl2sZ75clwvS9aDyyXlIz2BY_cuvSfgkZy42SWFUPVgLBsvEk03ghTE_Ue8QPWcT8RH0&google_hm=eS1mMW9Ca2NSRTJwRXRFc2dYWHpRcG05cHA0Y2tBZ1NSMn5B

Request Chain 422

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDTY1-5GUnoVZDbS3A9dCWE&google_cver=1&google_push=AXcoOmTuF_Yo7HNsjITZ0JZniXMDiqwuc80nTLJTf5HgPFGg3Sebq3GyWKw2IKIo3A7TqJSQKFls0zuZAMQAF-HgiFYy6WHm9cB8uaa2-zlybiZ8i3sKd-WtJ8WTuIPtxm_Uoi_b1bwRfKth_EPRcr3JSa5C HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDTY1-5GUnoVZDbS3A9dCWE&google_hm=Za6k5sWz-7988uYhe8qJJQAAFHsAAAAB&google_nid=index&google_push=AXcoOmTuF_Yo7HNsjITZ0JZniXMDiqwuc80nTLJTf5HgPFGg3Sebq3GyWKw2IKIo3A7TqJSQKFls0zuZAMQAF-HgiFYy6WHm9cB8uaa2-zlybiZ8i3sKd-WtJ8WTuIPtxm_Uoi_b1bwRfKth_EPRcr3JSa5C

Request Chain 424

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENFiA6_gd-RKskG1tI0uIDE&google_cver=1&google_push=AXcoOmQnYmiRieet_UW5g8_JKkwJO6ZJQSRmu70QOlCOelP-9CUP0YkxE4gyxWJPi0nc1cK9msl9rEzKcHzUzodvf980o41tPz1_sBq5VMY72m2AL3ywr2oPTkRP9b3nKgJpauqGuKQz3xgsYU36OMDNtzU HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQnYmiRieet_UW5g8_JKkwJO6ZJQSRmu70QOlCOelP-9CUP0YkxE4gyxWJPi0nc1cK9msl9rEzKcHzUzodvf980o41tPz1_sBq5VMY72m2AL3ywr2oPTkRP9b3nKgJpauqGuKQz3xgsYU36OMDNtzU&google_gid=CAESENFiA6_gd-RKskG1tI0uIDE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NTE0MjU0NDQ4OTE3MDMzODU1Mw%3D%3D&google_push=AXcoOmQnYmiRieet_UW5g8_JKkwJO6ZJQSRmu70QOlCOelP-9CUP0YkxE4gyxWJPi0nc1cK9msl9rEzKcHzUzodvf980o41tPz1_sBq5VMY72m2AL3ywr2oPTkRP9b3nKgJpauqGuKQz3xgsYU36OMDNtzU

Request Chain 425

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMe6B575U3VPEJOVjcPIfAM&google_cver=1&google_push=AXcoOmRSHvB9i1ElBJWFP0QlyyLNRjvwtzXrKnoGnAMju9Yn9Axx2M-Q5vRS8I_jkJQ2Q4TePKtDUmP1vcvtr06Dy5ZZUDdC2SRllCcFMkfKpri_l35H6A7mI7X5_5-4TDhIVw3ubG8pGbdmKgnoNjXeEEHXoQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRSHvB9i1ElBJWFP0QlyyLNRjvwtzXrKnoGnAMju9Yn9Axx2M-Q5vRS8I_jkJQ2Q4TePKtDUmP1vcvtr06Dy5ZZUDdC2SRllCcFMkfKpri_l35H6A7mI7X5_5-4TDhIVw3ubG8pGbdmKgnoNjXeEEHXoQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

446 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xgcartoon.com/
Redirect Chain

http://www.xgcartoon.com/
https://www.xgcartoon.com/

187 KB
31 KB

883ms
440ms

Document
text/html

169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5cf7e1c0ef1564cefd0cd347ea7eb6a2b676d41ff1235864971a882b8e3aa13f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=180
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 17:24:51 GMT
etag: "2ea08-OBPB/AG4H2eV1XvyFZJ1j7ihwP4"
expires: Mon, 22 Jan 2024 17:27:51 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Mon, 22 Jan 2024 17:24:50 GMT
Location: https://www.xgcartoon.com/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 296ms
175ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4d51bd3b5d960b8c193cf3b6f064017afcddf2ac74ffec5f89135c36858ff5f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 17:24:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73064
x-xss-protection: 0
server: sffe
etag: "9058cca2bebd166f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 22 Jan 2024 17:24:51 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 260ms
140ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e19ff24b75696e9906de7e3fb216caa47f4587e16e2be5952d4ed621ddd7203b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 17:24:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23147
x-xss-protection: 0
server: sffe
etag: "e3c28d511ee10871"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 22 Jan 2024 17:24:51 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 189ms
80ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7c729b9db0f487890eaa69d83c307284bb418820a6ffc002e28b730950d3ea0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 17:24:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9441
x-xss-protection: 0
server: sffe
etag: "8a12f3e173b754f3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 22 Jan 2024 17:24:51 GMT

GET
H2 200 amp-base-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 33 KB
10 KB 176ms
68ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-base-carousel-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace8633766e99eb003513d6aa7849739f840862bdd804de2f70e0ce612320b2b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 17:24:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9158
x-xss-protection: 0
server: sffe
etag: "645e6949433ed802"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 22 Jan 2024 17:24:51 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 49 KB
15 KB 204ms
96ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39fb2af422acee96c73b86f265ecfbfc2d28b2a6190149cf70cf8a4406b1fd0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 17:24:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14975
x-xss-protection: 0
server: sffe
etag: "fa00c49bed9fe9f3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 22 Jan 2024 17:24:51 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 318ms
210ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b74d43eceb8c7cea965f066b96affd905a95e2ca7e82eef899391a61fd0461b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 17:24:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15379
x-xss-protection: 0
server: sffe
etag: "4cfe0684d15e01f1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 22 Jan 2024 17:24:51 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 177ms
176ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ead499b985ab8cb63e70f1ed19ddeb43666172a9c2bfd3c441e2aa4310fc4bc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 17:24:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10362
x-xss-protection: 0
server: sffe
etag: "d76b387365e4c80e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 22 Jan 2024 17:24:51 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 163ms
163ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0b8fa938af334bce5a350b66110d0b21be7630c46e6fe32fd0f00d877e1e6f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 17:24:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32198
x-xss-protection: 0
server: sffe
etag: "adb7489d39d466fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 22 Jan 2024 17:24:51 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 160ms
160ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d956bf3a7670a172321d0146a2a2ef7e726cb1088e88da978c06cc0b0003ad0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 17:24:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4738
x-xss-protection: 0
server: sffe
etag: "eeea5f8009365dad"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 22 Jan 2024 17:24:51 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
469 B 236ms
173ms Image
image/gif 104.20.95.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:51 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 84997e2fb9a2abcf-CPH
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 230ms
230ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:51 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Mon, 22 Jan 2024 17:27:51 GMT

GET
H2 200 up.png
www.xgcartoon.com/img/ 232 B
428 B 229ms
229ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/up.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 13e6a7a86b66aec6cc0cf1441a042fa7beaedbab5dc996b0341301518a1f55af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:51 GMT
last-modified: Fri, 02 Dec 2022 17:10:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"e8-184d3d1ae08"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 232
expires: Mon, 22 Jan 2024 17:27:51 GMT

GET
H2 200 down.png
www.xgcartoon.com/img/ 266 B
463 B 230ms
230ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/down.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2661dcb6bfa9b71c39c54788bde5ea88003db9f7384c04e66d6f7926fdba8894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:51 GMT
last-modified: Fri, 02 Dec 2022 17:11:00 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"10a-184d3d1e8a0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 266
expires: Mon, 22 Jan 2024 17:27:51 GMT

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa3ecba51fcbe3806a57d12638c9e2760902fef8faa7bfc5b4e0214ed36848b7

Request headers

Referer
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 migongfanshejianshangdedixiachengriyu-jiujingliangzi.jpg
static-a.xgcartoon.com/coverw/ 10 KB
10 KB 830ms
753ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/migongfanshejianshangdedixiachengriyu-jiujingliangzi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf11cee75973dd8ce7ad29c194eece5505a9cbca0ea5efe108af6b0e8cf18098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 06 Jan 2024 14:49:53 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "8DFD482A8A37121084DDFDADB329E664"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=859wFG6NBe51Dhj%2Fsra4R5APcialIdvrhhoMl99EwU5Cka5%2FtasYcQ25eCFglB5IcHFoN%2FaQeJNjj1J17vyJI4qgY%2B0bA%2BJjdfXTPsK1Pn8hLIc0olKDJbFVWFzTp9%2FYbOdgNoFExxe9vPIfFVFcCxO6p2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e327ea83665-FRA
content-length: 10021
expires: Wed, 24 Jan 2024 15:21:02 GMT

GET
H2 200 yixiuluoriyu-guisu.jpg
static-a.xgcartoon.com/coverw/ 12 KB
12 KB 312ms
236ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/yixiuluoriyu-guisu.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 211fd5ed1d29657a3f4100fd99046fc5063a494ade908d45fbf1425f72d20ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 06 Jan 2024 14:52:15 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "4D72DE9E939538CEC84D825755B8F6BD"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHWaD2AdxCsCaK%2B8Y9hc1PLM6u%2BI05Y5jt8uygON%2BnFnG3hUSrNB2UheoxsTViR4LAG670dvSdPPRjOD5VEexqL5s9twPAdedXoKxSwyZ7zEYE5WXoTctMwkjx0Ovqto4Dj6MxBSSCfHudhHNe9KchJCz1w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e327ea63665-FRA
content-length: 11896
expires: Wed, 24 Jan 2024 15:21:03 GMT

GET
H2 200 modoujingbingdenuliriyu-zhucunyangping.jpg
static-a.xgcartoon.com/coverw/ 12 KB
12 KB 867ms
790ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/modoujingbingdenuliriyu-zhucunyangping.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f222db50f8d69f3822c6a643699427a68a65912d57194d3258fbbf031cb7ac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 06 Jan 2024 14:54:04 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "B82F0C9646DC0787454E3CD15D70DAB7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFo9d%2Fff3%2BCymDsEDiMhRvee3YZ6Y5lXM4ruSpo2sLUJvVH9%2FwZBAyFYKyIba724I35mE04sjCFaHHiuBECo5DVNQZGxiGn5NX5GOTCF2DZCqAnY6Q1KIBwc2ULJLrZizGtdqC2HqMcqXRzTohwLThJO5Pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32aedb3665-FRA
content-length: 12094
expires: Wed, 24 Jan 2024 15:21:03 GMT

GET
H2 200 miaoshawaiguataiqiangle_yishijiedejiahuomengenbenjiubushiduishouriyu-tengxiaogangzhi.jpg
static-a.xgcartoon.com/coverw/ 11 KB
11 KB 306ms
229ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/miaoshawaiguataiqiangle_yishijiedejiahuomengenbenjiubushiduishouriyu-tengxiaogangzhi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e045322a9f6d9743ca64f11fd7f5675688351c103b4bdd6baf312aa4246e928

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 06 Jan 2024 14:58:33 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "70DE31B7BD31DE42EE37D9446A43A0C5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMEezvFjvtajKPrtpFp5BpeA%2FeOtUWQOmg%2FA8KI0izx42agyLI%2F340olwzU529DBc2pmu62On37%2FBP4xKz8UqLLZGEgGqVYhdTbx4UsG3Su6KB7m2pPHAn24ApSSXxRvCELcLG0AtCjg%2B0y2on%2F2r3kzGY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e327ea93665-FRA
content-length: 11032
expires: Wed, 24 Jan 2024 15:34:04 GMT

GET
H2 200 zhiyumofadecuowushiyongfangfazhiyumofadecuowushiyongfangfa_benfuzhanchangdezhiliaorenyuanriyu-xufanglongxiu.jpg
static-a.xgcartoon.com/coverw/ 12 KB
12 KB 853ms
776ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/zhiyumofadecuowushiyongfangfazhiyumofadecuowushiyongfangfa_benfuzhanchangdezhiliaorenyuanriyu-xufanglongxiu.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a201693256ab028b08a1527c4c961d2e2c6bc2bd241261d1c414ca243a7298d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 06 Jan 2024 15:01:13 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "81CE4CC94D79471CA9D36926348680C9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cdr51Rn%2F1oH5%2BImHwLuY3FH0LxMfaF3RszBsCGA1OX9YvJPwVFqW5BmvpCFutchHWQyMpyQabRMrRMLIxBCt9bs53I4InJmEgsbUvpgOJkSVMrLV1M9OHXLYsjfPZ5Iszisb3OASSHz3EFY1nyjeLzri44Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e327eac3665-FRA
content-length: 12027
expires: Wed, 24 Jan 2024 15:34:04 GMT

GET
H2 200 feiziyuandebusimaoxianzheshiyuyuanweidebusimaoxianzheriyu-qiuyeyou.jpg
static-a.xgcartoon.com/coverw/ 8 KB
9 KB 1078ms
1001ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/feiziyuandebusimaoxianzheshiyuyuanweidebusimaoxianzheriyu-qiuyeyou.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41183135c8cf232f30ce4f7691f27ad90b5b83933071118ca5dcda57f0a2f64a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 06 Jan 2024 15:03:31 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "4E78FEE10CD47535AD1757712716C406"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzXXespHEmAX%2FMWlziKbwUGld%2BDWiODSakbRmPoim2Qg4VfMP9%2F%2BIBQLCMqN%2Fo35SwgvkbSCmqOvZroSbqPVVHou1Am0vWTU9XNCnIZ3KWdmYItDlLQF6ealZCLixsBjRtVgV0wgkUniodDHFTzxOnMDP%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32aeda3665-FRA
content-length: 8385
expires: Wed, 24 Jan 2024 15:34:04 GMT

GET
H2 200 zuozuomuyuwenniaoxiaobizuozuomudashuyuxiaobiriyu-couweilai.jpg
static-a.xgcartoon.com/coverw/ 11 KB
11 KB 111ms
38ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/zuozuomuyuwenniaoxiaobizuozuomudashuyuxiaobiriyu-couweilai.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f05bfc1c8dfb9faa4041a02327c694fd5134896e214c39217c71eb4039b13e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9973
content-length: 10839
cf-bgj: h2pri
last-modified: Sat, 06 Jan 2024 15:04:50 GMT
server: cloudflare
etag: "15A92E412C24656798EE58B4332A86C3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofMBB810qKVj7H2jMquKIYTjDbvmUZn%2F%2Fp5IaoW9oQYcfZXuqrCvWNJ5eyhWdx%2FeIIeD%2FRbFxJ1QwoXo33XF%2FjAQ705oZo5MIvQSQ%2FO%2F6HmycpbhZDNXST%2FXJd7jbB1O%2F3x0B4Lz3BhRLmRqNBX%2FPZxMo3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e327ea53665-FRA
expires: Wed, 24 Jan 2024 15:34:03 GMT

GET
H2 200 baiqianjiadeyaoguaiwangziriyu-xiaoyinling.jpg
static-a.xgcartoon.com/coverw/ 12 KB
13 KB 113ms
40ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/baiqianjiadeyaoguaiwangziriyu-xiaoyinling.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d482e30a639dfadfd7666454ba4e274c9dfe3f0346a2e1508df1c73f84e6aa34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9977
content-length: 12567
cf-bgj: h2pri
last-modified: Sat, 06 Jan 2024 15:07:01 GMT
server: cloudflare
etag: "7AF9F0C5037243B7538B1E1FC3A08EB5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpreWH9G1wfws9sVGtmTB4masBhHF8nIvhXzdLpK1Zzgg3ekd0V0zMndNgYfqlT0dQMXhkLK9FZmRmyyBFKuKZAEWraUr1nnFvGCCMv63rhverd5z9UlMzfGmrtfGIS9tUxjCPob0RAHdybOz3GLPRGcvSA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e327ea43665-FRA
expires: Wed, 24 Jan 2024 15:21:02 GMT

GET
H2 200 conghongyuekaishiguoyu-heishanlaogui.jpg
static-a.xgcartoon.com/coverw/ 81 KB
81 KB 76ms
72ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/conghongyuekaishiguoyu-heishanlaogui.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c967704e74422476af65ce38377f28ec65578934188ace0032afd938a8f62ff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 08:41:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9975
etag: "4838A78236BDDA66216C325D36CEB85C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qepCHRSL%2BpsZg%2FA7fBijvsI1TP%2B0hObx1RYGpH7dq6usOjZdxu3LxRgtDjBm6YrhZBwFyaBmRjjR9ufzLxmA9AqJMbwYzm4sYR2DA3vDk94o0EaSiQwZHwRteWPuvlATqcermXtFqASpvbTobheR3LOvqZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf063665-FRA
content-length: 82579
expires: Wed, 24 Jan 2024 13:15:06 GMT

GET
H2 200 shenyuanyouxiguoyu-shuiqiancheng.jpg
static-a.xgcartoon.com/coverw/ 72 KB
73 KB 75ms
71ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/shenyuanyouxiguoyu-shuiqiancheng.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7963210a78a333d92b24b34534814443d69c7cf2ef37f07653f838ec3eef25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 08:44:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9973
etag: "51B643F62BCE1AD62AE88A6A7F7316A0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHueHuzCsL%2BOjZMQc0aGGDCVNG2QA1823%2FQqbpPKn5HRNJFDQ39G2%2FOIh4kz5IA7l%2BcAts4L6u%2FOaPosGHQsgi2nbK28MpNdXkFTGaMKzpveFWTyMQZW6UjYrXbvc7OFF58PkLgk7kg46kAyUhE5RTpixy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf073665-FRA
content-length: 73925
expires: Wed, 24 Jan 2024 13:15:08 GMT

GET
H2 200 mingyunquantaiguoyu-lihaoling.jpg
static-a.xgcartoon.com/coverw/ 78 KB
79 KB 47ms
43ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/mingyunquantaiguoyu-lihaoling.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc3ed4237446f48b7a1712e453c5b6e013a55b68e7fc55d38a86341783055fe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Dec 2023 09:08:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9972
etag: "27AAFCB40C3D9EE9639718043D9FA654"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SlC4YEY%2BPcGlzT5ri7b65JOsKPmzyFLQ2U4dZvZF9i2MuqjfVadYzcdN8k54Odz6VJFBgcYFM03lL6AQxtLqUr%2B6GV6eFTYXztgMX8y0GBD4l9O3zia6mYhXQL2e750Rnan3D%2FPvLVunXMm0XY6ruDBZV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf083665-FRA
content-length: 80381
expires: Thu, 25 Jan 2024 10:04:42 GMT

GET
H2 200 jinzhanfashiguoyu-hudielan.jpg
static-a.xgcartoon.com/coverw/ 61 KB
61 KB 76ms
72ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/jinzhanfashiguoyu-hudielan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33a2f5f25c391fc75150a3034ebd6ac072945f97ecb572df2ba5ace685c023f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 09:52:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9972
etag: "B6CF6BA8847A9E051A54B308570DEB2D"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuMufFCs3entf5S9IJ9pXDnlUgJDd2LyQ2rKOtrk4CeI%2BgcnM8g4Bwkuz2Shan6XEPlVGBWyyVRAdW8f%2BWiQrJSHUg7%2BwfEgQ0TE7KiegSJraPT%2BaSZR6fsbv3iNwJvAna0H31HvB8v94i%2BURT%2FE%2FcSy0Pw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf0a3665-FRA
content-length: 61986
expires: Tue, 23 Jan 2024 05:04:13 GMT

GET
H2 200 wushuangshuguoyu-qieyingshi.jpg
static-a.xgcartoon.com/coverw/ 64 KB
65 KB 76ms
72ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wushuangshuguoyu-qieyingshi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f41cdc29fad9db0b0ff1c365d9cee36da396346538b001d566a66f261be39df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 09:50:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9972
etag: "ED0F7E96FB240E4CC6EBFFD4151AEE35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30QE72Z1aBrt3EtU39Un0pYt3OjC7lvUc1dU9wQholYd5u8O%2BMTdLI83NipTGpI7G3RzC5Z1UpWVV1nCINoAOD7ASXUT8TBXQaiH7%2BHxMJE49RAS7jwCVURHkdwOZCbpY6cheUOKQDvxf%2BkQfTgG0EOJrgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf0c3665-FRA
content-length: 65892
expires: Wed, 24 Jan 2024 04:42:23 GMT

GET
H2 200 aoshijiuzhongtianguoyu-fenglingtianxia.jpg
static-a.xgcartoon.com/coverw/ 86 KB
86 KB 76ms
72ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/aoshijiuzhongtianguoyu-fenglingtianxia.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9482ef22ac0ff1fe12c7df21d2142a15aa40b0b58b746887ed7357324f26d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Oct 2023 02:45:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9972
etag: "1BE8883BDD9CBA199D68ABA0421068A8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEelpA1whwTcAC6OX%2FxDYAq48S0R2qWLXZvFY0%2FW97Jbvz%2B3Zw%2FMIRRi1bgaBxAmlTL7VljQqjgLVxvClfTMZFWvJ85%2BbK5sCwUdD8Tdtdlwf5Fra%2F4CPNQ01l43x2wO%2BbvvRDyC9Z9hdduC9u%2BUILB4tbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf0d3665-FRA
content-length: 87840
expires: Thu, 25 Jan 2024 02:45:14 GMT

GET
H2 200 wudongqiankunguoyu-tiancantudou.jpg
static-a.xgcartoon.com/coverw/ 80 KB
80 KB 1084ms
1080ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wudongqiankunguoyu-tiancantudou.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e51caf5c4f4e84fbdb340685b602bea060d4d87fab53f01f6a6f7ccb80cc489e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 05:58:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668C6F4FB565F1B929E65BF6F1705C33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cw%2B0VPAq0PfIQEsjzk6gGrzl7m%2FyhyJSI9GwaDr%2FaY7w%2F8Zg%2F6gVaymEmH6Bis2%2FmILRyfzkU7PHiBGdnpgOunALjlY%2FZig7qU4V2jsNlEv1Z1CyubWxLPXZ2%2FFVJgMjY7CinsQqqH2mJ0Dl6GbGj49%2Fylc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf0e3665-FRA
content-length: 81817
expires: Tue, 23 Jan 2024 11:03:19 GMT

GET
H2 200 busibumieguoyu-chendong.jpg
static-a.xgcartoon.com/coverw/ 79 KB
80 KB 440ms
436ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/busibumieguoyu-chendong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff146c82166afe0cf2e272fad7c1949b5cb6fbecffd3a5837d85a176f1759951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 05:55:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "35B0403C3C5AC915F6C73E135A428314"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQztR%2Fy1%2By3PRCim5c6cPKam2ykO9wmngzdaxmyleAi99GhHwOsHiEacd2ioYI8nr49Os9rnw4DJtTQw0HzVuYUAUi5ZM9lWgUdwJWuNVokGvTK1f%2B0b%2FKOrLSj29%2B8EFn4XTr%2B5YwZ5SIu04u0AfI8x1%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf0f3665-FRA
content-length: 80972
expires: Tue, 23 Jan 2024 11:11:55 GMT

GET
H2 200 kaijushigedadidoushiwotudi_dongtaimanhua-cike.jpg
static-a.xgcartoon.com/coverw/ 84 KB
84 KB 953ms
950ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/kaijushigedadidoushiwotudi_dongtaimanhua-cike.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56f94ebd1c28cf9e916724e6292ad420c489fc29ea7fa07cd9cd0d790711d29e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Jan 2024 09:34:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "EAA31D3829D1B66F8522B09DC028B453"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7EUWGVh6GmrvtbNmC9Qed14JQLPkOjFUM4jgfRGzC5TR48nthS2FDRXWpqHo%2FWXN%2Bo2UEwId43vELq7v9pHm3LE4NDF6sIa5dUeUEo5fdnYGEQVDuCSczYepH0WwsNtCkxndz3UFYG%2B3kujU7Jw%2F16L9jk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf103665-FRA
content-length: 85740
expires: Wed, 24 Jan 2024 10:08:30 GMT

GET
H2 200 bahuangjianzun_dongtaimanhua-woheningmengnai.jpg
static-a.xgcartoon.com/coverw/ 80 KB
81 KB 979ms
975ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/bahuangjianzun_dongtaimanhua-woheningmengnai.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41060dd159c926287487f50a2d8e583c8c72e6121d1f5ffdc626dc6cf6bf4efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:25:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "A7D9B45ECA968201355BB03F8CB2FF18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtn44nyo0LXi8Im7nd89KQqAzIhRhBrqPgvB5muZxHAbbC8L1jkxrSa9L6ak3%2FUkE3xvok3GgMk4Z6%2FO%2FlS1%2Foli4Ox6eJpftP0wMx5938p9F6INGp2Ytl0fukibIHRQWTT32AWvPAWHrBC9TKvAdgOEL4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf113665-FRA
content-length: 82157
expires: Wed, 24 Jan 2024 05:22:08 GMT

GET
H2 200 chenshuiwangu_chushihengtuizhutian_dongtaimanhua-taerxisidongman.jpg
static-a.xgcartoon.com/coverw/ 79 KB
80 KB 961ms
957ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/chenshuiwangu_chushihengtuizhutian_dongtaimanhua-taerxisidongman.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad8677457876f632db38d31886a4f65dfeb50037c421ed20a9918fe60293585c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:26:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "189EC241E3F4BF6B48B573CFB959DA03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M304Bbi%2Bo1IEriy97f4px1%2F1jBtv5RfWb4QPM17p7tzggac59bY1nR8kf1FRWsNRAYsQlyYOvXmyXudJ6qcRNAr6j4L58zldDEnFoHL%2BobE89%2FKmoiGFZq6Zx3jGTniZrZXWhqT9Gie4nfKVWCgeDJvv1m0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf123665-FRA
content-length: 81101
expires: Tue, 23 Jan 2024 05:04:13 GMT

GET
H2 200 kaijuqiangwenliekounv_dongtaimanhua-xiangtianxigua.jpg
static-a.xgcartoon.com/coverw/ 81 KB
82 KB 572ms
568ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/kaijuqiangwenliekounv_dongtaimanhua-xiangtianxigua.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a343a1840f00a5db5891891069d57a2af26f4c1b80be9098252cadcca0b4e6bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:29:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "441C7D9C48ADD92C56645F75112A1835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9c%2BOHhlQtZXO343WD4IyXOiL1HAQqE8BoCTclMmGSMfFhZWEciRIivvdQXU95KC1PLdhxr6Uv3sNP%2BxVw%2F43pyIrjeXynORIYoEArdl8DwJAmV7%2BsAO%2FqC5mvzJPiHGAplMofHdX9Ue6UTL84TRel9Tdwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf133665-FRA
content-length: 82987
expires: Tue, 23 Jan 2024 04:13:54 GMT

GET
H2 200 wangulongshen_dongtaimanhua-paipailong.jpg
static-a.xgcartoon.com/coverw/ 81 KB
81 KB 1237ms
1233ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wangulongshen_dongtaimanhua-paipailong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89f365a523630bea5ea3533ec5c06b7db2297d14ccf662fe90aeba69d9ac3158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:32:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "39B918AEBD42D0FFC27FD6399F76C99B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckf1mKa3K1DAtAT4VtnJgjnympkMiqFdsRWACkQvszoQXTfz%2FK6PL5JY3D57i7MwJ12RZTWGKRE6t9pD4bkxbyqluc4%2FdpHwwhubcEobGSjo4BqnRUyYr7xXh1NIUG8tJNoslppUIwiS5ShRuRK%2F8hw1C9A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf143665-FRA
content-length: 82534
expires: Wed, 24 Jan 2024 04:50:15 GMT

GET
H2 200 wozaiyijiedeshishenzhilu_dongtaimanhua-neoman.jpg
static-a.xgcartoon.com/coverw/ 89 KB
89 KB 1241ms
1237ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wozaiyijiedeshishenzhilu_dongtaimanhua-neoman.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f59a24724025aaa808fdcb5db803d2127feba310c2acf9acb0e5365b9a2b8809

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:33:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "68B22A30E6B66C3A18BF426483A1D988"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REf%2Bq9ZmQGU%2B6W9Uo%2Frarw9SfYVNhXvGFerFPyLj5%2BvhvyAvHXEUs0Myuxs2aILWgn4YF5joFywVuLuD2oDWiF5RqEllSqUjSJUk7kc2k8E1Y6MBLCeC3Axo2Kon9G2vALpbOyCVJyTCs7nEhC%2F2a3SE4e8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf153665-FRA
content-length: 90958
expires: Tue, 23 Jan 2024 05:35:24 GMT

GET
H2 200 wosongkuaidiyoushenhaojiangli_dongtaimanhua4k-chuibuqidepaopao.jpg
static-a.xgcartoon.com/coverw/ 66 KB
66 KB 410ms
407ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wosongkuaidiyoushenhaojiangli_dongtaimanhua4k-chuibuqidepaopao.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af2b3c44d498d4ca737d2fbc0acdc882fc81ec81afc4c1b7d8548f9b52f64a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "BAB8ABA6F4F3ABBE8F4305EFABA84344"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiGRUBx4viBOp8w7cN6WOH%2B13N%2FN4nLawJQmw2ngdqSfj4Yi0hbE6sPg33Sopn%2B6MpUH2qceQ3SZldZRITP%2BhC3tN65lu5OPPdrDLtj44dlwP6mQbtgbSpY0hKtEliNiJSpCGFihr9XtTcejvezinH%2Fsx7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf173665-FRA
content-length: 67545
expires: Thu, 25 Jan 2024 04:42:53 GMT

GET
H2 200 zhanzhufengzhidajie_dongtaimanhua-manshengongchuang.jpg
static-a.xgcartoon.com/coverw/ 76 KB
76 KB 959ms
956ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/zhanzhufengzhidajie_dongtaimanhua-manshengongchuang.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1917b964380fc9d01d1e73a79c4d7cd4c0e9ae2a34ae63ddbcd65cea655e9a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:36:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7B438FF2C085D78C499DB5A0F124083F"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eo9hzmymuVN1M9w5IXwidbF1KULcQ3BdbY9cRI3VmLDdmps5cdIh%2Fiyus9k1dopGTCtYaIYcsOxHEB1sgFtvsJKRnMpm26atKXEpJ8yjJo8cv2kfPqHFS%2FAjsBAr66oCVkUJE6MSizhYntO8F8j7L5%2FhqGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf183665-FRA
content-length: 77699
expires: Thu, 25 Jan 2024 04:42:53 GMT

GET
H2 200 senlinhaoxiaoziriyu-zuotengzheng.jpg
static-a.xgcartoon.com/cover/ 27 KB
27 KB 807ms
804ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/senlinhaoxiaoziriyu-zuotengzheng.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7abe4ef543f967bd6fbc94fc40b81fd8a19428d105ba4d20d6f31783e81f74b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 18 Oct 2022 02:11:53 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "909670C9E71ED1B7F387FB0F463E740B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAbqe%2Bm8dF%2BnBYFsdS%2B6yxFkglJ4RSz6Zlkue3ATrSaEij3GGpE5ElGW6XNTc7UcbmSKAzdIg0hizuGe%2F7jwh38K614CZJ89s4HLjz4oYyxnXd%2FkIWUpjyBU87OB%2F8aQR%2FVGlPPxgDxjBg%2BAVupG0XyBElo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf193665-FRA
content-length: 27507
expires: Tue, 23 Jan 2024 05:05:44 GMT

GET
H2 200 yiqidangqian_1-7jiriyu-datianhuangyi.jpg
static-a.xgcartoon.com/cover/ 127 KB
127 KB 964ms
962ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yiqidangqian_1-7jiriyu-datianhuangyi.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a1f2d2b3af5842dc4b63539230c2fdfef285afd76c1304d327daa0b51cd575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Feb 2023 03:03:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "D12842BD1DAE25B413459A3FCFCC546B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpcj28C9P8egPPi7qabSOp6HeLjdZQhK%2B%2Fl020ZpnP0lC7r07xMg3JyHTj%2FRNLK8bpoGfcREc9%2B2twOT6400COqOTrhdgRnsBGDz%2BfUNPz8hM1njONr9xuuc6f650OhjzfKachff9WV4An%2FEmQ0wQYK4AiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32bf1a3665-FRA
content-length: 129796
expires: Wed, 24 Jan 2024 03:24:30 GMT

GET
H2 200 shanzhangzhuonongdegaomutongxue_di1jiriyu-shanbenchongyilang.jpg
static-a.xgcartoon.com/cover/ 132 KB
132 KB 1046ms
1044ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/shanzhangzhuonongdegaomutongxue_di1jiriyu-shanbenchongyilang.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed841005c6fd7c9bd183a289bb9e7bc9c7a85e90d370bfb9eb42f440b7ede73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Tue, 30 Aug 2022 07:44:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "17421E25008222EDFE9BCBCEF2ADF721"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rp8fzzE0LtD94%2FhHANFgh17a%2BpImFpYOTo87mOvaaUBGeyBpZplW1YLtXYDxvT63DsMtdwH2ahdZ4OKQQ4rMZ0lBzuGFy501qxpJqK5rfg9mcPjb11gT%2FUaBOkM2yfBKZU0LSQT7GgXr%2FcqZThYW8a64Ro%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf213665-FRA
content-length: 134813
expires: Thu, 25 Jan 2024 02:01:03 GMT

GET
H2 200 maohelaoshutom_and_jerry_yuanbanpeiyin-migaomeidianyinggongsi.jpg
static-a.xgcartoon.com/cover/ 2 KB
2 KB 754ms
752ms Image
image/webp 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/maohelaoshutom_and_jerry_yuanbanpeiyin-migaomeidianyinggongsi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b0aa179f9950baa8375f953ee4a03b1606d0945ff3159dafa2c8bdcbb2d59f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 01:41:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "E5E81A81EBECBC8D433B057AF25B6B0B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuQVLGLp6nQHCLPa5hf8dAvhyOp4xNtDVGTJ3gbC1KoGqdAi2s2HuyD0Xcer1zWLDww9Xm4CbaJzMnfEXqcxpYwcJVbbwAEdJrNbbOx8jx3kAlsJncGGWYGYBK%2FNPJ2i%2F16TaMXhSumUIT%2Fpc7MYrr6%2FnUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf223665-FRA
content-length: 1816
expires: Wed, 24 Jan 2024 05:24:24 GMT

GET
H2 200 dawangbugaoxing_di2jiguoyu-shituzi.jpg
static-a.xgcartoon.com/cover/ 14 KB
14 KB 257ms
255ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/dawangbugaoxing_di2jiguoyu-shituzi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54eda68a8d6e9cf6039971639882c4b78f652fd47545a11a66bffc39df959e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 00:57:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "478FA90B6BC5A45142B686383C3AF18C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xagAxs69p1Ogpg3h0zRnYxpxBqrdF2c8EyYU3vgHHiA1FR60cQMDBTnipyierndfYJiV%2B8abGDLRXUwmQ2crdtPhf3i78cZbG1Nz8CNYeEUQXoF35BKKWYxHomOWwcKi0TXZ1AXAaCMaOC%2FpgCI8t%2BrMgww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf243665-FRA
content-length: 13997
expires: Wed, 24 Jan 2024 05:24:24 GMT

GET
H2 200 ququbucai_zaixiayeguaiguoyu-yuanqiwadongman.jpg
static-a.xgcartoon.com/cover/ 15 KB
15 KB 845ms
843ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/ququbucai_zaixiayeguaiguoyu-yuanqiwadongman.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97d3325c01891167615327fef9cd173ac264f69bf526c15af006ad27f99eaf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 06:42:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "BEF514ECA2F8681E6F7AF4005C8CCDF2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCk9Nm5qMaBYqLPOt2cb44EULEZuG8ELYxqwISIUHl91adkfrp4d5GnocizSjQHcyezo2z9lRBKgat1XCH785rIxvNWvBYNkBAMQ%2FbQUz%2Fkoum2pEHvo3j0P3AdW1Se4ZZ1%2BS3yCekLw75KrgDw7SJyJIBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf263665-FRA
content-length: 15000
expires: Tue, 23 Jan 2024 05:22:26 GMT

GET
H2 200 yizhichonghun_dongtaimanhua-kuangshengdongman.jpg
static-a.xgcartoon.com/cover/ 11 KB
11 KB 278ms
276ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yizhichonghun_dongtaimanhua-kuangshengdongman.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb41d948989c5c65e69966c145618e2db14c247ba6b92a6bb7bc62eb29ad634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 07:07:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "C051EEA0B9C1600DB5216E34275CEF3F"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v11jw8Zq%2FoMiyHKFoIcoiMBRAJ0%2BOef2PryN5WSrukquRfTqaty%2BgMwFtn0r5F7qz0w1yOa0S9DWLA%2F6T7QMTh5PsEuSlE0XEfpMcJFzzIK3vZECKqYtWTBbJEEFHdlAj2YDBGaqe8j7O44pf7D9jh5o6Js%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf273665-FRA
content-length: 10954
expires: Thu, 25 Jan 2024 07:09:09 GMT

GET
H2 200 wuxianwangzhexiaodui_dongtaimanhua-youkushipin.jpg
static-a.xgcartoon.com/cover/ 13 KB
14 KB 789ms
787ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wuxianwangzhexiaodui_dongtaimanhua-youkushipin.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5e8e47f8c822a6b6949d92a6ae8666a793ba1f1a208f19b9cc696d560852cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Apr 2023 01:55:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "C8835D7A4279B9037D93823591E23FE4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HaVY5WYIDsiyG76v2PVFoo0xuBPXBfX21PSrKdcQJmGHnyVnWVp2akWr7ztGzctJCgUStK1ColRpo3%2FZVzgBTFlTBQ2hzKVGVOHDDz5nDpZToXo5OuFzOcDrKSleWKQwJ9t0zSi8rUX5aWWsvmuqIriqzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf293665-FRA
content-length: 13798
expires: Tue, 23 Jan 2024 02:05:51 GMT

GET
H2 200 xiudoumodaoshidiyiburiyu-shenbanyi.jpg
static-a.xgcartoon.com/cover/ 3 KB
3 KB 758ms
756ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xiudoumodaoshidiyiburiyu-shenbanyi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45aff63862b7a85a48741e816ce3b9fdc7e2ea725e1f5989ceb47f502381a4d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 20 Oct 2022 04:56:35 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "F9364CF22F7C8152E974F570F4242ED6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzUmXivQf82UzFuNDzfe%2Bxv9diQlgFvytZk2fjXE4crAjrbfo9JlAxcrD6FmJQC8YTyJd7CvHMpjl6tpu9b6yeq5J1b1xX7KygfINKCJ3%2BOP%2FVMSIRIa1qqOGtW02tO5ul7Cklur1JH9W3%2B%2FmSxqlXgtfKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf2a3665-FRA
content-length: 2697
expires: Thu, 25 Jan 2024 02:29:56 GMT

GET
H2 200 fangyuquankaiguoyu-loujia.jpg
static-a.xgcartoon.com/cover/ 12 KB
12 KB 784ms
782ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/fangyuquankaiguoyu-loujia.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 326db4ba0a99427d55bb9b9c42decc77d1d07a925a3c0bede1ad8e1f511c82f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 02:14:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "BF325C19368B0FE3C21FDC47FB7A32DE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZArklTPyZYU1dQvp9iRlAuiwSBMbd35OE%2B%2Bek6w%2F36gzC0h0yOZD88RJNPEH6kvpw9CkDODmNJJzddba8FupuLl92wRQFG%2Bzi7dNJkXLIDGwOFCEWuw6aiW3NUD7JPdhgu5pFKUcDk0d6aTQuuIIKD25j2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf2b3665-FRA
content-length: 12407
expires: Wed, 24 Jan 2024 05:24:24 GMT

GET
H2 200 mofajinshumulu-jinzhibo.jpg
static-a.xgcartoon.com/cover/ 3 KB
3 KB 253ms
251ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/mofajinshumulu-jinzhibo.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1550cde0e7d219960e9cb08513b187557f36f8492494b8aa84722533baa675c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 15 Aug 2022 18:13:29 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "9190D06529D3D2F33CF12DC938567CCF"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCJm4LDaYqVbKO2rt1OLLoBmqbnl0wuBIunf5ivuJByytJvNOEzdhFLUgIpIEFFAWnGHQg9K01wwt3ecwtUaQ4CBc%2FIrT7jZ8tDw12XCuggdTxC2oGXHZSvfccyPs2wf3Wrmim2T173Hkkt%2BXBuqEbRI%2BoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf2c3665-FRA
content-length: 2883
expires: Tue, 23 Jan 2024 02:05:51 GMT

GET
H2 200 yishijiemigonglidehougongshenghuo_riyu-suwoshechi.jpg
static-a.xgcartoon.com/cover/ 2 KB
2 KB 756ms
754ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yishijiemigonglidehougongshenghuo_riyu-suwoshechi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe364619ca5af89c1517dc71bb790c4b2fc8ad68e40828b73d35c01a057f2820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 20 Sep 2022 06:49:20 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "C4FF63CA5522451C13043B0A23C7D8F4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPUPRsxqT6onZX5BT3pg8F0lgTwpPRTBKL4YO55%2FCNAvzrXaqTJ02%2BNB6WIzohe12ufy7a2Di1IRHdAkXDYWMG%2FHf%2BXXMUGm4HTTebxEn4wMRoJ49rxb2vBTxrmE3Gm9K%2F%2BPQQYW%2BIs%2FPXS%2BfhpXkkeRGNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf2e3665-FRA
content-length: 1896
expires: Wed, 24 Jan 2024 07:03:26 GMT

GET
H2 200 quanzhifashi_di1jiguoyu-guanzhenyu.jpg
static-a.xgcartoon.com/cover/ 13 KB
14 KB 807ms
806ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/quanzhifashi_di1jiguoyu-guanzhenyu.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4620eb8558321711185c5cf37ba11012a3d67617ab55060ce2ab0c7ebb1a5dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 23:14:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "B9344F29FC35FDD5A32F6916143E46B8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O909HC7o%2F7fwjPP1XLIOxKOGq55mhkciMfcGQNrXWUfp3Li0SSELgEVe%2F74HzEtbH2%2BURb0UmY9yQKy1qIZvFNXyF8e6MnusZvIyH3klONLAmXJTjmV9xsPHDsLBuhB40ILoa7uMvl6pLJNSwqlKZQJowl8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf303665-FRA
content-length: 13786
expires: Wed, 24 Jan 2024 05:24:35 GMT

GET
H2 200 fufuyishanglianrenweimanriyu-jinwanyouji.jpg
static-a.xgcartoon.com/cover/ 2 KB
3 KB 764ms
762ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/fufuyishanglianrenweimanriyu-jinwanyouji.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e1cc877a10a8eb6972d29ff997fcba4280ce42b896f3909cd932ba02fd5bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Fri, 11 Nov 2022 00:33:12 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "2C07F9FCE1FF84CA15BF3FAE2284DF91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvhZGLjfE6baoKrV1LoSbZYvINv%2BH2TNxH5WJcw4m4jCw4eVYkAG3ln7xkYmSr5tWjljvNMqFr0FGBP4BYyd5OydHzBDOTrweSawgPjuNM%2BZN7FNPZF3l415PNlb9ONCBHt81rFeopdrFRbi8kpNyTb6rw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf313665-FRA
content-length: 2390
expires: Tue, 23 Jan 2024 05:05:44 GMT

GET
H2 200 malajiaoshigtoriyu-tengzeheng.jpg
static-a.xgcartoon.com/cover/ 13 KB
13 KB 795ms
793ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/malajiaoshigtoriyu-tengzeheng.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c59cff9a64bddf2deaea3effeb952babb3a012d05e7b1d3ecde5212f7c17b9a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Thu, 01 Sep 2022 09:54:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "B643EC1285EBF7BEBB2FE21273DCA74D"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zre6eD8ItAF%2FjtRLAyr7dkKou8IkJqavwjUItSSo4JLPJsv0PXKyyJhRpeQjt3aVginxKwK3dfuIyjun9cAp%2BFLJsZ5%2Fhw5aL7405tFPZFdZXW0VfUdVpgJ5JMxQeE4AL2O%2BPDshWZs%2BS9NKrJrzR6I4d1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf323665-FRA
content-length: 13245
expires: Wed, 24 Jan 2024 05:24:24 GMT

GET
H2 200 meishaonvzhanshiriyu-wuneizhizi.jpg
static-a.xgcartoon.com/cover/ 5 KB
5 KB 782ms
780ms Image
image/webp 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/meishaonvzhanshiriyu-wuneizhizi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d42553a5c5c21454807af7cec2bc459c0dcb08728f1175db01d196b2bdfc8bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Oct 2022 01:35:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3E3669DCE08F269784F773A3A0BB30C8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X49oc93lnbGqkPDETXx0VGGrcbaihvstHpWrWah3AlhELctqHI3QgJPztgceZFJ0qxeF677WPT1qJSXDdItoRN9r5yfEfp49SSPqox7Yj99y1WDC%2FOW7IkcCzMIpVZXbJWP0HQeVa791rfVO7A5EADEKW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf333665-FRA
content-length: 4672
expires: Tue, 23 Jan 2024 02:47:01 GMT

GET
H2 200 tianjiachongqi_zongcaifurenxiuxiangtao_dongtaimanhua_di4ji-baicha.jpg
static-a.xgcartoon.com/cover/ 5 KB
5 KB 762ms
760ms Image
image/webp 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/tianjiachongqi_zongcaifurenxiuxiangtao_dongtaimanhua_di4ji-baicha.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3523fe0bfc26b6aea6ba24d933045d533972c56d98371a9ad2f952afa3af4465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 05:42:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8B570B4703DC81B4249B18FA260FEB03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FlAze%2BOrl1J4I%2F68sm7cPlXQL5sFQiUR3QsKKYKL3Az0LlMhX85IJdfiS7WNu8tof8DE8u3a01obrGqin%2F6tNqEPmeH7KKy%2Fn3O%2BnLpnEmrkk0UE6vRcInEVOv1Uw7kVfv0aNUjVQWEVB9s%2FDw%2F1UBFzHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf343665-FRA
content-length: 4728
expires: Thu, 25 Jan 2024 08:11:40 GMT

GET
H2 200 zhongshengzhinuanhunqingchongqi_diyierji_dongtaimanhua-akewenhua.jpg
static-a.xgcartoon.com/cover/ 14 KB
14 KB 289ms
288ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/zhongshengzhinuanhunqingchongqi_diyierji_dongtaimanhua-akewenhua.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 847677e364f632a14b284e72e3b92d136e77486f4efccb0e81aa6d62432994cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Apr 2023 01:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1A563ACA7CEF7E855881649900046C24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DI%2FcWC%2FrDilm%2BBbuhho72kSE9PeHuKtsr78g1WslRgK%2BHj4zr%2FdHfb4ws6SmDb3mYBQSEFrqAKusZfhCAX6pVLExWCxLWjzSDVE%2FNPJyaTmM6X5YB9901eiG7NNpSJiKXTUG5WZ390IUsSBhHnP%2FoknnE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf373665-FRA
content-length: 13852
expires: Wed, 24 Jan 2024 04:11:09 GMT

GET
H2 200 huoyingrenzhe-anbenqishi.jpg
static-a.xgcartoon.com/cover/ 20 KB
20 KB 784ms
783ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/huoyingrenzhe-anbenqishi.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb41f5f31d4b2911ad91b5b7b05131f006837a6c2bba64dc0659266107431f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 17 Sep 2022 12:00:46 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "5BEBF4DF6CEFE84525479C0D9499BF6B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlDd3t1KN7DxKUIEQX%2FUYB9odEfP47r98VPLKUWe28lzdoajE2AimfrHi18gXZ0b1APN20M4EzwjwnSeTpB0rd86xDcyvG3F4JmgKYnTwk7pe5TgJ6gczX7%2Bep5iNExpbPfuxKqUAEWGCf%2Fpjk%2BX03Z7XHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf3a3665-FRA
content-length: 20074
expires: Wed, 24 Jan 2024 12:44:29 GMT

GET
H2 200 lingnengbaifenbai_di3jiriyu-lianjinglonghong.jpg
static-a.xgcartoon.com/cover/ 2 KB
3 KB 983ms
981ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/lingnengbaifenbai_di3jiriyu-lianjinglonghong.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b497840fdc78d638af40eccc2c9fd9006670503964b7b8d7d84c5f8062ef25d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 11 Oct 2022 10:49:35 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "79E4E799FC149BCB112B48BE58EA6B10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDPWu8%2FcQke4%2B%2BqzhD%2F968oFYib%2BSAucUWNYtGS9u48jei6r2W6JEjTu18O%2BxcLvrWZhVerNE%2FvSis3neBDasgHO41QRjSGjyPeL1SGgqLIseV%2F8K5qaZ0Z1qcnW5RrovUnzD31bG4uMV38QkTG%2FUaI%2FJzU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf3b3665-FRA
content-length: 2301
expires: Mon, 22 Jan 2024 16:22:25 GMT

GET
H2 200 bulaizeaotemanchaorenblazarchaorenlibawangbuleisaguoyu-yuanguzhushihuishe.jpg
static-a.xgcartoon.com/cover/ 127 KB
127 KB 1068ms
1067ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/bulaizeaotemanchaorenblazarchaorenlibawangbuleisaguoyu-yuanguzhushihuishe.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d7e3dba795cc58a5bedbef6783f9e5151f51447f01b9e85e54bd16fb762cc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 06:03:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0446BB7F702C0E60EC9D518B32F179A0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vz4P6DxC%2FL9f1h%2BoaJvDgkWBiJ%2BoKuFBJokh0Nv1kgZJvRRNl7ban3EZmxdbt4lq8uKhPESektd93zlWjjyn3H2%2FZOFW3NScwuyiiaYrz%2B%2F32C%2BrRduBlMcaorEytH67wtcGOvnEAnlLbFaYB7wvYtNRxZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf3d3665-FRA
content-length: 129743
expires: Tue, 23 Jan 2024 04:52:46 GMT

GET
H2 200 telijiaaotemanriyu-yuanguzhushihuishe.jpg
static-a.xgcartoon.com/cover/ 15 KB
16 KB 780ms
779ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/telijiaaotemanriyu-yuanguzhushihuishe.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc8d4c8057500621917b3d88c33f534d917b03234c4716c04ca483e3dfdd69c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 01:33:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9484ECFE745A52D1CB3D1419C8357010"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDpPR509VZng6DLfR0rXhDP8X5H4IBxYeCTI9R89ICCZd6MOhgN5IOY1siStmsTeJxBw8lK5cLZTtvWdDioPrNy0pi0k%2FwlAfUjVkL5zAuMb4i2J3kARgCCFHHvfWCd00ybZFOBE3cV6YpR445igU02bcYU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf3e3665-FRA
content-length: 15613
expires: Thu, 25 Jan 2024 04:15:24 GMT

GET
H2 200 youyoubaishu-fujianyibo.jpg
static-a.xgcartoon.com/cover/ 17 KB
17 KB 823ms
822ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/youyoubaishu-fujianyibo.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 753107f53fa7b6669aea9980a59cbbe59f0d21ded66bd2dabe9ddbc24ddcb2b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sun, 07 Aug 2022 16:13:54 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "D7C5BA4A4C08A7C3445732535D7FFF06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkD%2F%2FVrJP%2F0sWTXAdBcASgPORocF7CQt4feic7Ezwn2a9rCLMUMkgk6sUmwx5K0fhm7PxFgM1kFmnmVlGjapEt%2Bb%2F92rMNjB1rrP%2BAnU%2FFK4YhuqxgRMM1R38GSpNwN0TNb%2BrGvqbGs3QFrvzNs%2FbBo0eD0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf3f3665-FRA
content-length: 17505
expires: Tue, 23 Jan 2024 09:56:52 GMT

GET
H2 200 wanyufengshenguoyu-litinghe.jpg
static-a.xgcartoon.com/cover/ 13 KB
14 KB 266ms
264ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wanyufengshenguoyu-litinghe.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3be69c4d77cd568b0c2d360918d62e86b33abfe1b08a2bb2c6993235a67d264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 07:15:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "D3F7A84E6AF7F1EEF2956FB7592AC66C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NuWumD%2Bens%2FB780sXKlsH8dfdSo%2FHfdiL45BJrMAI%2By7whPfKKnYEiO2h6r%2BvMfIAIptpXb9fG6RhiJS90e5WLunUwEPONinu2QxTnQOKy%2F543WXcU8BtwOGzOiGvxR1DVlIvgaAOrBawLi6MI9%2BwvUbA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e32cf403665-FRA
content-length: 13324
expires: Wed, 24 Jan 2024 07:03:25 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012312191621000/v0/ 8 KB
3 KB 198ms
85ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14ab49460c47fdf815c70b7f64b44d3448cc900818109df37d872cf9bff5655d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 17:45:27 GMT
age: 344365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "e52fa5b802575fbf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Jan 2025 17:45:27 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012312191621000/v0/ 237 KB
62 KB 153ms
58ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f148de89d4d03108e6737d5e74eaf6092c6f20a0cb6fe15a712c71870297967f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 17:45:28 GMT
age: 344364
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63691
x-xss-protection: 0
server: sffe
etag: "ca89be154adde560"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Jan 2025 17:45:28 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012312191621000/v0/ 12 KB
4 KB 173ms
81ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74d4bdf53948592ec60f4d551e63e2a0ded2ef5a357eaf7ea0a213d96cc17c30

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 17:45:27 GMT
age: 344365
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3937
x-xss-protection: 0
server: sffe
etag: "2beb5dd317750b97"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 17 Jan 2025 17:45:27 GMT

GET
H2 200 woduzishengjiriyu-chugong.jpg
static-a.xgcartoon.com/coverw/ 46 KB
46 KB 980ms
965ms Image
image/jpeg 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/woduzishengjiriyu-chugong.jpg?w=780&h=376&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c59127ba5fc1bee156517a8cfa5034f3b5cc76ff2ee316d14bfd44dd3f3e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Thu, 18 Jan 2024 06:15:13 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "8130110BA26CED072434F2757CFDB70F"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmbGhGZ7FJEcaL9aDgacsnmoF%2BABi9h3JP3cN7CdSpYGhadE2qxu6g%2FqXLum8FonWPdCbIKuaTPebKr2xZz8s%2FuPqF7lvsbe8npW%2BrZfqXRUnZPLeYCeGimdOwMf3blo2ur69oyLS%2F7QaZ1tS40mSO%2BUYoE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e327ead3665-FRA
content-length: 46671
expires: Wed, 24 Jan 2024 06:48:13 GMT

GET
H2 200 monvyuyeshouriyu-zuozhuxingdian.jpg
static-a.xgcartoon.com/coverw/ 372 KB
373 KB 1082ms
1067ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/monvyuyeshouriyu-zuozhuxingdian.jpg?w=780&h=376&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebb17bb8f5671a90a39c16213579b003f988e5ca23b5ff2c26a7d064c09ebf4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
cf-cache-status: HIT
last-modified: Thu, 18 Jan 2024 06:23:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "D07C4A3AF204811EA62B491045A17878"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPiEZabzvNKES8JY8QnNJoUReUDcqNeBq8fZ%2F91r%2F%2BXMZ7tIKkML0B4NSAF8rOzIU3bIr3ZB7Qt45S7tY7P8FvkB2Kwiu9w91ICTwdELFAaTSrgpq7y0AXg04ajRVixNOkUv3Y8O0yhis5KpCr7uLQYYyso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e327eab3665-FRA
content-length: 380817
expires: Wed, 24 Jan 2024 06:48:12 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 807ms
672ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_header&adk=807729522&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=1363681995&nhd=0&adx=436&ady=80&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292435&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=711&dtd=10&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f3c16cafdec670b7dcd7eea069fc0cc826f57bf45342db6192f22be33555437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14490
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CJDA4tzB8YMDFQDAuwgdI1UNuQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:53 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 916ms
781ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_1&adk=1345413239&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x100%7C320x50%7C300x250%7C300x100%7C300x50&output=html&impl=ifr&ifi=2&fluid=height&msz=0x-1&psz=0x-1&fws=4&adf=842741550&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292435&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=711&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

042d45de7ef7ed8f7103277661aa777499ec2f4b5c029e9efecc4f9735735c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x100
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13760
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CKePxtzB8YMDFV_Kuwgdt14I_Q
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138353942502
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:53 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 468ms
333ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_1&adk=997395249&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=3&fluid=height&msz=1200x-1&psz=1200x-1&fws=4&adf=4107419727&nhd=0&adx=800&ady=637&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292435&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=711&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99f393936df9445c67079666fdc6d7f20321fb40c6560f58f311a19552878d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x90
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13761
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CK3zxdzB8YMDFc_HuwgdiCwG0g
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663424
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:52 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
24 KB 702ms
567ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1425218679&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=4&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=3343197514&nhd=0&adx=800&ady=2269&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292435&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=711&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbc3cb92f5d82e2d4c4f2c84aeb2d53ecd27d56994c7d6c5cef6410afa487498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x250
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24034
x-xss-protection: 0
google-lineitem-id: 6135253164
x-qqid: CKf9xdzB8YMDFZPJuwgd5uYLBw
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368724316
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:53 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 998ms
864ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_2&adk=665818911&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=5&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2267600489&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292436&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=712&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d39cab397988a01c2cc2e9576159cc1ebd9745b0e1ad8b2fce90614ea130ff1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x600
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14481
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CJjx8NzB8YMDFZui_QcdmIoIsA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:53 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 2536ms
2402ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=3860582034&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=6&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=757795631&nhd=0&adx=800&ady=3232&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292436&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=712&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29cddc3fe47e2d29b9a2f822602eceed6bb1d5bc51b6efb0a0c2ba2c1c3912b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 728x90
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13781
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CNiWydzB8YMDFQ7GuwgdtXQCKg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027453313
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 1815ms
1681ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=1395775898&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=7&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=66028269&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292436&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=712&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

336711f9878edd62002f90a5278e419d89a355b81aaa7eed47c9aa2223af87d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 320x100
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13751
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: COXkxtzB8YMDFaXAuwgdotMG8Q
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663394
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 2073ms
1940ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1246061670&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=8&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=4291690939&nhd=0&adx=800&ady=4195&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292436&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=712&dtd=12&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd4c2ebbe912ff215c66daf2b4d552ae1836e7073ecfafaa005d8dcd1b7fe11b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14493
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: COHrsN3B8YMDFQvGuwgdH2IHoA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 1357ms
1224ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=3382497679&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=9&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=387331864&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292436&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=712&dtd=12&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bba374b80c5c038c1bbfda59f9fa82dd130325cebaf31e7bbad17b31cb9c0707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
x-creativesize: 120x600
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13742
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CPeJxtzB8YMDFZbJuwgdksACyg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351399041
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:53 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 2430ms
2298ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=3639063491&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=10&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=2473948382&nhd=0&adx=800&ady=5158&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292436&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=712&dtd=12&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

702495022f43f0f097d93b0e5d85cbd7bdeb9ea8de4c0e9c10ef9c89eed83d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CL3Kt93B8YMDFbfBuwgd8K8D2w
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 2926ms
2794ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1451229007&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=11&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=366815570&nhd=0&adx=800&ady=6121&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292436&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=712&dtd=13&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec3fbdf7ea798484a4578356386dcc8f3668cc1ed1e89dc40ca380567f435af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x250
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13791
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CImmydzB8YMDFQKf_Qcdl9UKog
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027454753
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 88 KB
31 KB 1722ms
1590ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=2355133382&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=12&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=1713749083&nhd=0&adx=800&ady=7084&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292436&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=712&dtd=13&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44dc02d6b1939e710d7d4988d9db69a9b0db3c988409396d66b83d86bbd7e937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 970x250
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31090
x-xss-protection: 0
google-lineitem-id: 6135253164
x-qqid: CPWUxtzB8YMDFTjauwgdsuUG7g
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368741110
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
14 KB 1961ms
1829ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=1043970851&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=13&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1198440276&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312191621000&d_imp=1&c=46003177&ga_cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ga_hid=3177&dt=1705944292436&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=712&dtd=13&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

edbfe72f204ae3a3b80edac56d32a56fb201f2917e5b721b63a3198ae0892c4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 320x50
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13760
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CL6RydzB8YMDFTrFuwgdYssL5w
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324260115
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 container.html
740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 221ms
86ms Other
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012312191621000/v0/analytics-vendors/ 2 KB
886 B 57ms
56ms Fetch
application/json 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312191621000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 21:09:02 GMT
age: 504951
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "654f61f183b9a349"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 15 Jan 2025 21:09:02 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 231ms
231ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
AMP-Same-Origin: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:27:53 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 114ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=3177&cid=amp-tWaiPjBxdcsdN4P6xZQVcA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2F&dr=&dt=%F0%9F%8D%89%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1705944293&sct=1&seg=1&_et=1000&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2A40 6 KB
3 KB 89ms
88ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:53 GMT
expires: Tue, 21 Jan 2025 17:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DC7 6 KB
3 KB 91ms
90ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:53 GMT
expires: Tue, 21 Jan 2025 17:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 345D 6 KB
3 KB 91ms
91ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:53 GMT
expires: Tue, 21 Jan 2025 17:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB66 6 KB
3 KB 93ms
93ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:53 GMT
expires: Tue, 21 Jan 2025 17:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DC39 6 KB
3 KB 95ms
94ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:53 GMT
expires: Tue, 21 Jan 2025 17:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F10 6 KB
3 KB 81ms
81ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:53 GMT
expires: Tue, 21 Jan 2025 17:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6C17 154 KB
49 KB 153ms
91ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Za6k5QABXNAIu8AAAA1VI7Vy9JSelRrUXJLQ7w&u=%7CE%2FDxOxr7%2FjL0dXJsh9WWUkfDh9K3sIz8ZjyraKmxSZY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeh-9e0_zoWZIcGk1DbR3RxDJZtNkSd2Nl9qAWN4w5HcTTXVVvjvZdWDE5AkQsFM-s04nUS83gDXEIlUeeMjEYgbdjWE8aJ-2xUN8KIF8iOB4sgu5XgdQLrLpseaUAtNUCR5rS_OSqSuhHzFIU1kRicK3JV0ohlRHYQldLUQySEB3ORIOWggrHOL-dc0e9eCqD-u11W-MIPRjPriCHuVDonuMOqPkvQauTLUF32Jzc7zZJD44IWs0cE1yLEQJSndCgc1TSqxOIHuMGtCU3RUvFz_1aBiW5Wd9hBSzYQddCmBxfb7RmvSOATS2erShLKiRc_IwBWHz-8FE2PS8ZzpUBNjH1MNGzQJGOJCm6PxZN5iSkMmwD6dNr07HzO1uPYVYOl0luJnACg2DzoQvIjouZFyr1QqA5FOhnBfw1Y1UOloJiZigvIdUMNZSnlfS4sLtPmZ2cQyxtIAPJD4Mu9bFBsELTzlxBaNvy8eiV642yYW1lQkZv07Com0fK3eGYTRwot0RXboAtuZsQFdA1_ypAbyVZYVCLlvRPk9PSk8-TZIWnjcvH40PoUKOvRynK83HlKmTveRObjeHuESFZnYabUc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8l215aSuZdC5BYCA7_UPo6q1yAvJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgSDAk_Q2SBnNLjh7Y3F9SSpzETTmDkP-Ye618wRD1s5w0G29ubTuYvWeDLmKg2aT3Dl7RY0ut_pwqpi4M_qfBWzZ8uSB-i16vlrCnIKnkXEDEMJw_J5M1FLpB4NvhNg7Pju4zyCPJVBjQX_gT5HfnlQR3VprFzvRBV93hIgd5u306UFl8WdGK1mSWjUoL8bf2ETZwXFDtYWCZeYcfvdpBqOL7fvNegNEBni4l-96LYyzIktWUm05b-uDpr0JQ6zgF1CL92IPx_tVAvgnPsQaTe6mcX0h9kJ1cfNoFhpBCFqXJnM8R3SmM1olPYSlRFGF37ZzRaqbkEGlEGqaiIBOMojyLbMq3bgBAGABtLMod-Djvfv6gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9dbF3MHxgwP6CwIIAYAMAeINEwi__8XcwfGDAxUAwLsIHSNVDbnQFQGAFwE%26num%3D1%26sig%3DAOD64_3fYfigSDbX8FR-aoDjbO3gr0X8BQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

be6a4eab2fb54460aae752e5de72db4c2a4f1d2bf69e94cb4435515c9609d1ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ljMSTl17BwXBtuHNRm_bx0B9okmKK46D2jn41smRWk-vEPBQcBwQGZcKIjbxVbHoPcu9x6SpyEdStLaYckj8kt3gvxz5LbNbcolzbb21XjOqGoWe0K1TT19bJ_mfjl_EaihLn_PU_Oa8moO7te2a3VBRQmnKpcQXZWJ_F2OGMNaMDOKRQk52PUqtFdu1F_3dCdJfJIbmOXoVo9saUfJ8713tDAlrhmCD06b3isijd8HuazBJRKPXvOSBQ4NqGzHvnVR25g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 46481645
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2A40 3 KB
1 KB 256ms
135ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 10:08:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2A40 20 KB
9 KB 181ms
60ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:28:59 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2A40 24 KB
7 KB 176ms
55ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A40 206 KB
65 KB 191ms
71ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1DC7 24 KB
6 KB 177ms
70ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 1DC7 26 KB
11 KB 210ms
91ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e34e4329732e0b62ea7754983d3d852f8382ea26412f8c91ce19d77a54fe4a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10645
x-xss-protection: 0
server: cafe
etag: 9734747977235374931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DC7 206 KB
65 KB 278ms
172ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 345D 24 KB
6 KB 220ms
119ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 345D 26 KB
10 KB 275ms
162ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

304638ab983010fc7ab83670c8d903bda6b473ee4d0381a15d41d41337e065af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10652
x-xss-protection: 0
server: cafe
etag: 9818733161384790530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 345D 206 KB
65 KB 298ms
197ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7EF8 54 KB
21 KB 95ms
60ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Za6k5QAE9VgH_aKbAAiKmCisvmN_1Jk8yx4dFA&u=%7CE%2FDxOxr7%2FjKkXE8rAdtBHEZOZngLHgIIidlObkvIYx8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1M8xd9eNSjINIlOUU4sFEoqWllTu1Raf0MwdlBzgBaOiJgoN2qa-VEEHS00gme5E1J71zEhkLnAvXyROsqP2p5NzW6qa6UGLyANzdoO7cmgonag4wBG5FiObZ5lVKsVtMUjaU-q6JvTQRi2K-D59jSWAe9zCCC9Tp5W07skaMP6VYFB-4adU1leFNx4nqFY442Jyan8VMmbjv4BylwK1b2Q8I4nzU-8L3h8dZxbq0aZ-23SMH9WA-qlxNtTF9zXMvszGlSxpw4QtBAKjveJ0YS9dyiIzSl_d_r4ajbtHQMsieA5EUjjcSJOeD2MFYidlbXIxhamcJXkU5d5V4j1WNRgIKie2_BFEYyFtX__dAliWfmV9FRasg5iaQ7sYJnEmUfp2vYY9X9S0x5KbX4GFnn4-VuGFu3W6WYqPIDGToUONeW8lMlBNcSiW4JP3TSgs3GaLpOFupYX98KhUhZIiBdvwGn2Nn0MUcLvVEjiZOxcXpoTosdH6mF-tWRTO12ZcmGm6xwYp3yeFZzOZY8sLOHyPy1CuS6Q3zISLurIuiszCcaRdRixyS_3wza4Umk3aNP7ZDf4YZEXs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClguT5aSuZdjqE5vF9u8PmJWigAvJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpArTNAzOYRbI-4AIAqAMByAMCqgSDAk_Qqsypi3nyszoQoOg7yhHXvmMyDxQQulwgJR2-7bhb3TtjSqUHB1hLSGO0uuZN0AqV302qjSb4Oe0lqVdBfIo0lX8jegIJ3eYcUwFJA8G9OlY2h065bpRocyOUMPaqdXXzZNSslmIAX6XLtbMnr3pjA1CXyKtPwLPi9MX0RqbWhkj7N0V4iVhtyadZh-UbMcDUhU-r-T_FMA9TidaB8N7RMLbtf6R7U0yg-2OsAKpMKE-lOZQGCUaprkYYdcTnnr7cVPT2AeK8xE4BNnfLE6cwm8yQZApFsvRsLuTsSQaB05-Kg3Bkee4XzN-BJ1ZvgvFRleaVy5F5YHn_CWLhBuIQohngBAGABrCu2_a-3468nQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxNrF3MHxgwP6CwIIAYAMAeINEwjjhMbcwfGDAxWbov0HHZiKCLDQFQGAFwE%26num%3D1%26sig%3DAOD64_3S4nB2m0kJtNzlEkDHyy0Agk2OVw%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6ceb4554f50a9e5fee4f581667447650f8be0badeb70d4617184e3ff8e0d2e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=z8Mv-l17BwXBtuHNgXXDSypxB9m6p6ewXJWajLjzNeryrkBq7Hjfrtlii7wn_CYnoUk4KyfwOdMIKAgZoGimfbTnhIqcfCzj5gSVVu4NvTEP0-Rw9EMqLEgUzV2f2BdJ_lyQgKG8qe-BGxzcnwRHJ4ZiGPiNC6epA4oelTUxcRezzKH9sWYyTwj826lRi5mixybWdoLTjUXNkbLEZgw1X1MnAFZMoTskAPz1uC1EwOgDw1Yd4iq7JaWfhuyHGuMMjOwf3Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 2934038
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame CB66 3 KB
1 KB 232ms
138ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 10:08:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame CB66 20 KB
8 KB 221ms
127ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:28:59 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CB66 24 KB
6 KB 206ms
112ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB66 206 KB
65 KB 323ms
229ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DC39 97 KB
29 KB 134ms
134ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e134abee98bbb1238b04b0e47c69c8d3b29dd33098e0816df2bb8f49bc55ba62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29505
x-xss-protection: 0
server: cafe
etag: 822 / 19744 / m202401160101 / config-hash: 16721368857602662386
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC39 206 KB
65 KB 376ms
291ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC39 0
437 B 91ms
90ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiqtrulltc1QS9SeE4j9buTc9hOeKZpvU7l30sddOKfPs_cjGf7rn0-0LA_Ek_UgeOWfSAGZYvhaUgn6njojzhzwCgZ6c1bx6vrmAlyedNfy47kY50sLt9cm0h8e5dqXZZ3XKOptuFdvVriPSZZ1ExGH1M-gTWpFJ13KHqNDbg-sOHDcPUZKycG5cDMwjxzYVNHV3BJ7ZLpeY7FDMzVI5uXPI3fCaXFtUrDdFXPt174vLzuf_8yMEobkVzLMLC8aTxC9BOnTU05emB_I8_idpPAIpTdebFouhqUAduXCAUtQOgXcuRanD_3hKqsgvZfqUKtn-E-QsIyvtxmWay7WRxCTsQYYgWrZyLIo_8rIS0WYBK4BLbaZ4cy0x_3hsiABjgu9gbU1KPsofFDQNxOeNmhSk&sai=AMfl-YSa09VVqAxArQGVx9U_zU2PqwhLTHFdA49xVrTbCFTVbgLSz1QScH7wG5taQg5gWMhqgfUbH5cIFTfEo8A&sig=Cg0ArKJSzHTmTqb_YsugEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 17:24:53 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3F10 26 KB
10 KB 214ms
126ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e34e4329732e0b62ea7754983d3d852f8382ea26412f8c91ce19d77a54fe4a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10645
x-xss-protection: 0
server: cafe
etag: 9734747977235374931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F10 206 KB
65 KB 319ms
243ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F10 0
292 B 90ms
90ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvW3rtxecIZezoBcvlQtz1Wevrh-yohUnutdCMNFXB2gJ3dTWClzUalnSJ11RE5iCmTkMj5wGA9-mS3lQPlLxag20AX1gSKTj4cLgPc6t5-A_rvDlnGBTUKZqXiiC97sIrYCW07TMWoz6n0RcYDzpZGMvys21rGq8hcTVqpERND6xiYA7GKT9cMorh0B2OMiE2Hvy-poUknAeqJDx7rYJEXckUXHxn4V1mhiJP2vCuNFRbQonZ0IVwHuAbuhpl_CubLtfTeEOov_tZ6wnpPdHd2eO3wjwdd_pcPsg3asO1hlxUS9dApXy6U5fCg48Rak4YYFfvSPZ9lc6G0rNDf4lflI5JEW1QIS65YHeNCa-3hW8aLhHR7WN1cDL_68G-T4VX5_YqIpA3gpfpLitk&sai=AMfl-YQEyw557MOy2QIjLhDut1Ym-kZR7kJhYcVtDcloIyDnnpoL1Jrj9S0b28nnBXYCeX6SAu4aSq9mSymDNiw&sig=Cg0ArKJSzPpRkh7rmC1qEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 17:24:53 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7EF8 2 KB
1 KB 176ms
112ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Za6k5QAE9VgH_aKbAAiKmCisvmN_1Jk8yx4dFA&u=%7CE%2FDxOxr7%2FjKkXE8rAdtBHEZOZngLHgIIidlObkvIYx8%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MrEM3utqanw1M8xd9eNSjINIlOUU4sFEoqWllTu1Raf0MwdlBzgBaOiJgoN2qa-VEEHS00gme5E1J71zEhkLnAvXyROsqP2p5NzW6qa6UGLyANzdoO7cmgonag4wBG5FiObZ5lVKsVtMUjaU-q6JvTQRi2K-D59jSWAe9zCCC9Tp5W07skaMP6VYFB-4adU1leFNx4nqFY442Jyan8VMmbjv4BylwK1b2Q8I4nzU-8L3h8dZxbq0aZ-23SMH9WA-qlxNtTF9zXMvszGlSxpw4QtBAKjveJ0YS9dyiIzSl_d_r4ajbtHQMsieA5EUjjcSJOeD2MFYidlbXIxhamcJXkU5d5V4j1WNRgIKie2_BFEYyFtX__dAliWfmV9FRasg5iaQ7sYJnEmUfp2vYY9X9S0x5KbX4GFnn4-VuGFu3W6WYqPIDGToUONeW8lMlBNcSiW4JP3TSgs3GaLpOFupYX98KhUhZIiBdvwGn2Nn0MUcLvVEjiZOxcXpoTosdH6mF-tWRTO12ZcmGm6xwYp3yeFZzOZY8sLOHyPy1CuS6Q3zISLurIuiszCcaRdRixyS_3wza4Umk3aNP7ZDf4YZEXs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DClguT5aSuZdjqE5vF9u8PmJWigAvJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpArTNAzOYRbI-4AIAqAMByAMCqgSDAk_Qqsypi3nyszoQoOg7yhHXvmMyDxQQulwgJR2-7bhb3TtjSqUHB1hLSGO0uuZN0AqV302qjSb4Oe0lqVdBfIo0lX8jegIJ3eYcUwFJA8G9OlY2h065bpRocyOUMPaqdXXzZNSslmIAX6XLtbMnr3pjA1CXyKtPwLPi9MX0RqbWhkj7N0V4iVhtyadZh-UbMcDUhU-r-T_FMA9TidaB8N7RMLbtf6R7U0yg-2OsAKpMKE-lOZQGCUaprkYYdcTnnr7cVPT2AeK8xE4BNnfLE6cwm8yQZApFsvRsLuTsSQaB05-Kg3Bkee4XzN-BJ1ZvgvFRleaVy5F5YHn_CWLhBuIQohngBAGABrCu2_a-3468nQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxNrF3MHxgwP6CwIIAYAMAeINEwjjhMbcwfGDAxWbov0HHZiKCLDQFQGAFwE%26num%3D1%26sig%3DAOD64_3S4nB2m0kJtNzlEkDHyy0Agk2OVw%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7EF8 2 KB
1 KB 174ms
110ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7EF8 308 B
636 B 96ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7EF8 293 B
621 B 95ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7EF8 43 B
347 B 105ms
37ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=JPI8dHNWh4XU-zdvEemRYHy9dr4fJGDshlHPFTzDRZT6tBKYxdu7r_B6mUYGQy8FHX-2uVp-UfXYuOtVmOvFjU0NvZ2AUtLcMVBQI7MD5r20D3JgNoTk5HIWCaQcBu0rLflKivePS99DFgt9tmk3MKL8tc82BvsZhE7Qd_3ReBHMJGJ6I25U84UXeEMerAHqJBs3jUmFl0VHmfMhvyakNoO8CoKzEPKQ4rSM6yfltfNV_jJMqZgO7uA5O1o4phF4hOgKRpObBBUANwhKHTW1KFiaA43Ak8cMvNN1oKbsrd_JVqJYholTZnu3OrQZunNMmfY1p05mU2bQS-kpypijzbS0UI6CUKkUFfnsBQgZxPKzekk3qefJBjpvl2ymY_NuT_J0phhlmt5o3rbZYbk9CFjlOU_i7aKrIJYBJkdSTPKjiOM-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1780990
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 e26a7fd7e3404b669deb4efd09fde044_image_ad_300x600.gif
static.criteo.net/design/dt/9292/5237550/ Frame 7EF8 78 KB
79 KB 124ms
60ms Image
image/gif 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/9292/5237550/e26a7fd7e3404b669deb4efd09fde044_image_ad_300x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

df607f1f65672bc5e200998e0fed6422cff9bf053a7ee99348f9527906886fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 17 Jan 2024 16:59:56 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65a8078c-1396e"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 80238
expires: Thu, 16 Jan 2025 17:24:54 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7EF8 0
128 B 93ms
30ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=z8Mv-l17BwXBtuHNgXXDSypxB9m6p6ewXJWajLjzNeryrkBq7Hjfrtlii7wn_CYnoUk4KyfwOdMIKAgZoGimfbTnhIqcfCzj5gSVVu4NvTEP0-Rw9EMqLEgUzV2f2BdJ_lyQgKG8qe-BGxzcnwRHJ4ZiGPiNC6epA4oelTUxcRezzKH9sWYyTwj826lRi5mixybWdoLTjUXNkbLEZgw1X1MnAFZMoTskAPz1uC1EwOgDw1Yd4iq7JaWfhuyHGuMMjOwf3Q&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7EF8 2 KB
1 KB 168ms
111ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7EF8 2 KB
1 KB 82ms
82ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6C17 2 KB
1 KB 141ms
108ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Za6k5QABXNAIu8AAAA1VI7Vy9JSelRrUXJLQ7w&u=%7CE%2FDxOxr7%2FjL0dXJsh9WWUkfDh9K3sIz8ZjyraKmxSZY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeh-9e0_zoWZIcGk1DbR3RxDJZtNkSd2Nl9qAWN4w5HcTTXVVvjvZdWDE5AkQsFM-s04nUS83gDXEIlUeeMjEYgbdjWE8aJ-2xUN8KIF8iOB4sgu5XgdQLrLpseaUAtNUCR5rS_OSqSuhHzFIU1kRicK3JV0ohlRHYQldLUQySEB3ORIOWggrHOL-dc0e9eCqD-u11W-MIPRjPriCHuVDonuMOqPkvQauTLUF32Jzc7zZJD44IWs0cE1yLEQJSndCgc1TSqxOIHuMGtCU3RUvFz_1aBiW5Wd9hBSzYQddCmBxfb7RmvSOATS2erShLKiRc_IwBWHz-8FE2PS8ZzpUBNjH1MNGzQJGOJCm6PxZN5iSkMmwD6dNr07HzO1uPYVYOl0luJnACg2DzoQvIjouZFyr1QqA5FOhnBfw1Y1UOloJiZigvIdUMNZSnlfS4sLtPmZ2cQyxtIAPJD4Mu9bFBsELTzlxBaNvy8eiV642yYW1lQkZv07Com0fK3eGYTRwot0RXboAtuZsQFdA1_ypAbyVZYVCLlvRPk9PSk8-TZIWnjcvH40PoUKOvRynK83HlKmTveRObjeHuESFZnYabUc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8l215aSuZdC5BYCA7_UPo6q1yAvJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgSDAk_Q2SBnNLjh7Y3F9SSpzETTmDkP-Ye618wRD1s5w0G29ubTuYvWeDLmKg2aT3Dl7RY0ut_pwqpi4M_qfBWzZ8uSB-i16vlrCnIKnkXEDEMJw_J5M1FLpB4NvhNg7Pju4zyCPJVBjQX_gT5HfnlQR3VprFzvRBV93hIgd5u306UFl8WdGK1mSWjUoL8bf2ETZwXFDtYWCZeYcfvdpBqOL7fvNegNEBni4l-96LYyzIktWUm05b-uDpr0JQ6zgF1CL92IPx_tVAvgnPsQaTe6mcX0h9kJ1cfNoFhpBCFqXJnM8R3SmM1olPYSlRFGF37ZzRaqbkEGlEGqaiIBOMojyLbMq3bgBAGABtLMod-Djvfv6gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9dbF3MHxgwP6CwIIAYAMAeINEwi__8XcwfGDAxUAwLsIHSNVDbnQFQGAFwE%26num%3D1%26sig%3DAOD64_3fYfigSDbX8FR-aoDjbO3gr0X8BQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6C17 2 KB
1 KB 142ms
109ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6C17 308 B
637 B 63ms
30ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6C17 293 B
621 B 105ms
73ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 6C17 43 B
348 B 73ms
36ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jNAYnhjTkcyjF-6T5rdQTp-YgunXIKbesp_03iF3zqt1bVgbIWyRKboQ1lq2FJgbDJILHUKxYZpIjjpJ-Lc-thnUUrv9i2SCiqeRIlVGjW3xYCQamGZMZ-CnSOFyR8J-vhMFNs80pLH1-6Lp4XEoYmuUvLHwpQozQxh6QXMnbAC7g6_fOTDpgZwRYMkojBNWsgkwb0wiMb1MehnU0CwhisD-NLqYmTP1ZBSVBNkI6J4p2bESKLk9wznmM7WW1eD_w7z9HJVrs1O6x3-nkqZe3JNI5OhhnkWwntSp0oTkQuJPuPmsnayjXtKeksS1FE2Cy7Zj5nWeEyHVVOIqdu5N4E8j96HRoHZv2kGsCbIRD-fVF-pDlIYdyh8Se4omGy6_nD4TYYOWtZzj9IYcqZW4KaLap5eoQF21gmNYQTFIZuxHcrsI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1592908
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6C17 12 KB
6 KB 126ms
113ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C17 7 KB
7 KB 127ms
58ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F100829%2F5246204%2Fd41b321e3c2248279187df4498c87552_1985ec09-77ec-4f9a-bfa1-9b5ed79d696f.png&v=3&w=256&rid=4&s=FeIcbhnInfjXdGKHH7Npysop

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

57c6f297f2dc5f2a32d51a397d7faeb827891d8747ab595895560f4dcedb6344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6756
expires: Thu, 16 Jan 2025 09:07:07 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C17 8 KB
8 KB 138ms
70ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F09%2FGEEKOM-A5-2023.10.21.webp&v=3&w=400&rid=4&s=KY3G5Fd1DVekO5bELQKEjDYS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

675b94eee8eaa34c60168c5a9260bc17f659ed4a889117242b4a2c9b7802a9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 8152
expires: Mon, 22 Jan 2024 18:07:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C17 5 KB
5 KB 147ms
78ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F09%2F1.webp&v=3&w=400&rid=4&s=AXw73D4OAubc6pph5F5wgIpi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c2cad61fe2e4155f3d2f862e29bb1c0a305c4ed49ca98a78bc082debc08a5a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 5066
expires: Mon, 22 Jan 2024 17:25:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C17 6 KB
6 KB 142ms
74ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F04%2F10-IN-1-USB-HUB-GEEKOM.webp&v=3&w=400&rid=4&s=iqnk1mlYPbjcg1UkqiwUdzc9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 6114
expires: Mon, 22 Jan 2024 18:18:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C17 7 KB
7 KB 132ms
63ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F10%2FAir12.webp&v=3&w=400&rid=4&s=WhHbChw2G1U_AuNTPFJ2QBCg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4a920ac8a357b492b991802b1d781790c9923a59d37c335f6b2d19cd39d100b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 7456
expires: Mon, 22 Jan 2024 17:33:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C17 6 KB
7 KB 101ms
33ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F08%2FGEEKOM-MINI-IT13-MINI-PC-1.webp&v=3&w=400&rid=4&s=a3fvT6G_XOGb8vVM-LqQmo_f&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1f8a9f8ae1b2b2ebb3064529d36814cd4cc7a2dcd7596cbab57c819b53f4e822

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 6568
expires: Mon, 22 Jan 2024 18:14:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C17 18 KB
18 KB 89ms
88ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F09%2FGEEKOM-FUN11-Mini-PC.webp&v=3&w=400&rid=4&s=034jn-dMxqL3cUr2YlWcuSir&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bb9efc942fa519a05aa56162888dc43a5d7210e338414149ed8967e596afc669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 18022
expires: Mon, 22 Jan 2024 18:17:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C17 8 KB
8 KB 80ms
80ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fimg.geekom.de%2Fgeekomde%2F2024%2F01%2FGEEKOM-A7-Mini-PC-CPU.webp&v=3&w=400&rid=4&s=tYAa8wlgJLyI3J6OgvmC7Inh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7784163841e1391b845e917919d600f7ad2512057fa76c890f16cc5848858b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 8136
expires: Mon, 22 Jan 2024 18:06:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C17 14 KB
14 KB 99ms
98ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F10%2FGKM-Combo-Tastatur-2.webp&v=3&w=400&rid=4&s=mLdHw90dWdm2X8475IH6axfB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

867f05b525e309e835db6f09dba939aa9462520f709fd32661e0d46c589b4380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 14118
expires: Mon, 22 Jan 2024 17:54:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 6C17 13 KB
13 KB 100ms
99ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F05%2FGEEKOM-Mini-FUN9.webp&v=3&w=400&rid=4&s=NRXOoIsgr9c2tEcgEFCocdmX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b30c7585cffb26187b198ab10d4dced54f117b46767a3991eb7d74dd948fd44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 13298
expires: Mon, 22 Jan 2024 18:09:02 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6C17 0
127 B 37ms
31ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ljMSTl17BwXBtuHNRm_bx0B9okmKK46D2jn41smRWk-vEPBQcBwQGZcKIjbxVbHoPcu9x6SpyEdStLaYckj8kt3gvxz5LbNbcolzbb21XjOqGoWe0K1TT19bJ_mfjl_EaihLn_PU_Oa8moO7te2a3VBRQmnKpcQXZWJ_F2OGMNaMDOKRQk52PUqtFdu1F_3dCdJfJIbmOXoVo9saUfJ8713tDAlrhmCD06b3isijd8HuazBJRKPXvOSBQ4NqGzHvnVR25g&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6C17 2 KB
1 KB 117ms
116ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6C17 2 KB
1 KB 115ms
114ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:54 GMT

GET
DATA 200
OK truncated
/ Frame 2A40 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd9a89e56a84ff623e8b72c5e8c809bbcd8dfe823a55d113e9d044e72047dc06

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ Frame DC39 430 KB
135 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1471
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138162
x-xss-protection: 0
server: cafe
etag: 1666572220375911148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 21 Jan 2025 17:00:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1DC7 0
26 B 96ms
96ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT8NUdlsiJ6Lo2idDg7DEX640AxjsSY-eszOD6LRdbqrHbpxx2OcJY7suaFJ3LsmVWq7AlaYbpwHNYYskZsFEgNLpCpHieYdNHQOGab_hvikZqvZob7zEz8MRWyEqYjLFyRGclWHuc5dYfVA27uqWWpADJXc7kOtbXz25jlif9cc-0SJZx6FySyBoks2lAXagzLxIZiquHAm21OnsZrUCLiuOh9vHNe85xfyLX8n78_Yma9Uh0iTzq9HPDCi8v7larQaazqdH9X6zd8ZotprBsHR5d9HLKUYr3N00mg_2ozktwAvXwDQC85vXvuSVK-NA5tUF6s4Cs6stwVQfKEYaxDsQocm7bFlL0_9n8liRb0jbCUqEXwuuLhBt3oV7PmWSlIZQBRT5wzqnic8A&sai=AMfl-YTyYFzMjaeGpbX5qFEeI37-6UUgGbWk8K-m-Yxo8L6RNn5jRLXxdwWLmPNM6IseJg5Kp8UGavDZjEoybSs&sig=Cg0ArKJSzOdkRUmIAHRQEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1DC7 146 KB
50 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01f787222e330c96bfbc61c7eaacb6b2a17a87a1050a20832203f612e074bc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51099
x-xss-protection: 0
server: cafe
etag: 11876197866093226816
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 345D 0
26 B 97ms
97ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstblwFdsQyOMGkrbv9fxbHJsYKlprucId-VgG4gdUDltWNKs9fFgbKLb6ob7ejGSkhJXezyjBCY8NRkimY1hPPeHGPafnNsqVRSKicnLjKWUMGn5VhIEc7ItbIj1dELbU9P07MsD6Admgi2dGLQM-apfSftCeA2BR96E_CuaPqzwghzRdz73t7OnWLZFdXVafh79yW_AskuoVgh8bytHgDwtxv10jxKVsSwkrtiVxyTUHqfTVSlKlLIy8dnzjLzoRbMkkeh7IE6nxLfyzEr4mXzBm9SnKyBR1YeBrSrpbeN1J8kEkmNEkITScluNYAKVUiq-LtV0wkmx7aPhVa9PFPJE6ZRqKZlwQlJJZME-6UVNk8tRNjZeoQFU38ypeguH8acmQsYWIBZ1ywYuie4&sai=AMfl-YQ50Oe_Mj8TYG9vyKnLb-nnhuQp33RyEu2vRACI6PxN_31PIfueumaQHHoVbc3J5H_1Yg09BVo0jXfkq_4&sig=Cg0ArKJSzJkRV8abuO69EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3F10 146 KB
50 KB 151ms
151ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a32a8e07e40821b1d8159dde25629da90adc8678205f8a07d023c73943199d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51100
x-xss-protection: 0
server: cafe
etag: 2660586995343506965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 345D 146 KB
50 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7efccc5b661a27c53a44650c315c3f3c73727c632afdcd874fd293bc5b5f022e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51098
x-xss-protection: 0
server: cafe
etag: 6698351761448648571
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2A40 0
0 95ms
94ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBgJ45aSuZdC5BYCA7_UPo6q1yAvJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAjbE8JEfR7I-4AIAqAMByAMCqgSAAk_Q2SBnNLjh7Y3F9SSpzETTmDkP-Ye618wRD1s5w0G29ubTuYvWeDLmKg2aT3Dl7RY0ut_pwqpi4M_qfBWzZ8uSB-i16vlrCnIKnkXEDEMJw_J5M1FLpB4NvhNg7Pju4zyCPJVBjQX_gT5HfnlQR3VprFzvRBV93hIgd5u306UFl8WdGK1mSWjUoL8bf2ETZwXFDtYWCZeYcfvdpBqOL7fvNegNEBni4l-96LYyzIktWUm05b-uDpr0JQ6zgF1CL92IPx_tVAvgnPsQaTe6mcX0h9kJ1cfNoFhpRiNLzhlfISB0SOqyGNb7MR9hHcjT4w4o2ok7MrMVdA4ZoAC36F_gBAGABtLMod-Djvfv6gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY9dbF3MHxgwOACgP6CwIIAYAMAeINEwi__8XcwfGDAxUAwLsIHSNVDbnQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=BGO_edYjLcg&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf_xzUW1j8zO5S_3bs-zDahUkiQuoeRxxgB&cbvp=2&vis=1
Requested by: Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 2A40 0
126 B 123ms
31ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k6zOGcg12AVanYNiAgIAAAADNhDNspDdxr_52f6F8G-REOSkrmWmkG_6sLGSSfcZAAASAAAKCkFRVUJBUUVCQVE&wp=Za6k5QABXNAIu8AAAA1VI7Vy9JSelRrUXJLQ7w&cbvp=2

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:53 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 172052
server: Kestrel
content-length: 0

GET
H3 200 container.html Show response
740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F56A 6 KB
3 KB 56ms
55ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:53 GMT
expires: Tue, 21 Jan 2025 17:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DC39 128 KB
47 KB 388ms
388ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1982201838539988&correlator=2045705652395154&eid=31080493%2C31080526%2C31080584&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&tfcd=0&iu_parts=71161633%2CXGTON_xgcartoon%2Camp_desk_home_hrec_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x250%7C970x90&fluid=height&ifi=1&sfv=1-0-40&eri=4&sc=1&cdm=740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com&abxe=1&dt=1705944294311&adxs=0&adys=0&biw=970&bih=500&isw=970&ish=250&scr_x=0&scr_y=0&ucis=z4q3c3r2pz0r&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.xgcartoon.com%2F&loc=https%3A%2F%2F740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D0&top=www.xgcartoon.com&vis=1&psz=0x0&msz=970x0&fws=256&ohw=0&dlt=1705944293911&idt=387&prev_scp=in2w_key9001%3D1%26in2w_key%3D95%26in2w_key2%3Dnope%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3qgz%26in2w_key7%3D1580%26in2w_key8%3D95%26in2w_key9%3Doptimization_request%26in2w_key15%3Do0%26in2w_key16%3D1&adks=4098674348&frm=24

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c016b3802aad222e73982d7c869e45f447c51e5475b91fc181d6c0cd81bb103e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48292
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CBF8 6 KB
3 KB 118ms
88ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:54 GMT
expires: Tue, 21 Jan 2025 17:24:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ Frame 1DC7 402 KB
136 KB 129ms
129ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com&bust=31080504

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9992624ddf4cb4ac773852fa5f19f10a876c437974a3748acd4499a738ec8dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139627
x-xss-protection: 0
server: cafe
etag: 13356199326621192660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 9D29 9 KB
4 KB 174ms
55ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4168
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 00:28:42 GMT
etag: 3009746639812436877
expires: Mon, 05 Feb 2024 00:28:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CB66 0
0 94ms
94ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiskV5aSuZdjqE5vF9u8PmJWigAvJntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpArTNAzOYRbI-4AIAqAMByAMCqgSAAk_Qqsypi3nyszoQoOg7yhHXvmMyDxQQulwgJR2-7bhb3TtjSqUHB1hLSGO0uuZN0AqV302qjSb4Oe0lqVdBfIo0lX8jegIJ3eYcUwFJA8G9OlY2h065bpRocyOUMPaqdXXzZNSslmIAX6XLtbMnr3pjA1CXyKtPwLPi9MX0RqbWhkj7N0V4iVhtyadZh-UbMcDUhU-r-T_FMA9TidaB8N7RMLbtf6R7U0yg-2OsAKpMKE-lOZQGCUaprkYYdcTnnr7cVPT2AeK8xE4BNnfLE6cwm8yQZApFsvRsbObN24YSA6IsU1e-9c7-aNGmLeBlrOnTIS6obWPGflXnkah1JgvgBAGABrCu2_a-3468nQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYxNrF3MHxgwOACgP6CwIIAYAMAeINEwjjhMbcwfGDAxWbov0HHZiKCLDQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=aNY8bXDyU9A&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf_nqopgJuZtMhSnW85AmM_vhAoDwUtRRgB&cbvp=2&vis=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame CB66 0
125 B 31ms
31ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k6zKGY-lBKwC2ASdg2ICAgAAAAM2EM2ykN3Gv_nZ_oXwb5EQ5aSuZSx0rNH_hZ_1sJwAABIAAAoKQVFVREFRRUJBUQ&wp=Za6k5QAE9VgH_aKbAAiKmCisvmN_1Jk8yx4dFA&cbvp=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 128149
server: Kestrel
content-length: 0

GET
DATA 200
OK truncated
/ Frame 345D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7af0204489e6c7cff04f3ed405a6e34e7f9e80e68e13f123fe2d8fb7497ab7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F56A 24 KB
6 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame F56A 26 KB
10 KB 122ms
122ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a124afe4b0d4ae663159812c98122288ba53adaa600b58447886d2ff2f09245f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10656
x-xss-protection: 0
server: cafe
etag: 3479149431278392635
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F56A 206 KB
65 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ Frame 3F10 402 KB
136 KB 161ms
161ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae5be78838b959fc4609bb19ebbce1e3b7b024382d4bf70076fc579e4e80bc2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139623
x-xss-protection: 0
server: cafe
etag: 9563882127622604045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
DATA 200
OK truncated
/ Frame DC39 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9919c8af4aeabfd58bf35790f51b3a60ce6166a92fe7e39f552507c8049c6ec3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F06 6 KB
3 KB 57ms
56ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:53 GMT
expires: Tue, 21 Jan 2025 17:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DC39 16 KB
12 KB 213ms
100ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a381f999cc9e93014e711f4958dcecfc6d5c2531e706d332a6469875ca7e68a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12235
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DC39 0
0 204ms
91ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEkBRyg5n_IrU02giw1FJIpQjDEQO5efk2Cfroll1Hwc4hW4muItN40HEwXC2cCAPzR4sUelHa0mli10CgXgr6VUi7KZwvI690IJUmiV2iI4M_08vZDymVbN1WOmrRXJGIMvdzUP5BAcYlFJNl3KvNPrNKyCSnuk8RDHNTcudhZioDvsmHd8u55tUCnLJSWrPz7gr6tpMecsnCetqitb1HsWCLEBFKQ1MKFa_puzxXHBkN6bTsw7NqQKn95Cz-PilJWRdMRUp33rncWWZV2ArhToTrXMDfqumqcTxBKCmSS0ICms_VzRvD91xtcFq-HN5IA7DdPWmhAULoyzEWdeQElRMowwbrGjkq7BJJQOLy4tCfkP5iSBpNpJmidCxMS_INbU6TRICCawaPvCwY3rS1q8qTjA&sai=AMfl-YSjqXwtxqFihEol9fCymNC4Izg9Fa1ZydgXYNj-zrcyyeC8v8XKNRiyRjYqMNjdxWebG3u44A7WsftVk9c&sig=Cg0ArKJSzGtecgSnOQngEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ Frame 345D 402 KB
136 KB 138ms
138ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08ac32867dffd87cbe05daf8ebfa38078ffb6dac040eedb5acc0f8ff2194d601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139623
x-xss-protection: 0
server: cafe
etag: 8731933187563444317
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F56A 0
26 B 91ms
91ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1BEwcbY3r11gltrSHGFrYBqS7midIpCE8fXdcWWbQqsMb2hY4Bkb8xJfCcZYKJuF5nI0LJUsKJQi0FyG32xYlYSK8dlnLF2p8MPFOH5xuPVXs8q7Kew-Bcs5jIRRxdVefnUgjzJYZGcn7bmtXmZsk2-noyTJRQKhpGAXe_QFK-Sy3_VVShSrbBFG2FMp4CeajW9JdTn6ZFv1V6pFddbiYJb_kX80NjePh5vgCPjZQmGXNfUYwjcKBgXTtB9nFxsaaFNt6bvHvdrjGyVgCnhU4Rf19XNfUEA0kAsuf-dZCSoJ4BA_tvQ2X3mFSh7Z3JQQQF60baW7yPkWKTTaYUxuM_0tCaWDSFpRGZy3oznXkAxclB08zkyBY0QlbVi2L7NYu7uVtGKTvNwlcjvQ&sai=AMfl-YQ6uQRGG2nv7qPHRXzLUKJ9gFoeScrxySaW2iVvjmcALWlPFwHb_vFmK63q9yk6jgaHvSlw4ggpFhsYmPM&sig=Cg0ArKJSzCTy4qnZxAXNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3F06 24 KB
6 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 3F06 26 KB
10 KB 130ms
130ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bdb3d3ab34757c5e15e9d6c89c9ce38aeaea8d49e4861ab613d8ec81cb774e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10639
x-xss-protection: 0
server: cafe
etag: 2695328623434078626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F06 206 KB
65 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F56A 146 KB
50 KB 177ms
177ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

807272e94eb1b184076d7d80da0dab8b5736885bcb3974f7c11045fe7f4cea59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51091
x-xss-protection: 0
server: cafe
etag: 4602737250500393472
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F06 0
26 B 91ms
91ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVR0byeJaFqqFGQAGQiTDJIVL0Oq_3CWquOW-PyFjjrh8S1Xg0pVfQn4F94IDljBGj1_YlUjXlfeL_eQu9Wvt6N78spteXounWjFVT1qVvWRMhUW4RXCbiSe_38YDGcO7EQSDUZIlKGdYuxHkXQzailcIARfJcwWP3CYLn-qko9EG6A0TA7PZn7IqZ_SsMhYde8QTW805xQ2WYbkr6hwTWNlOPf5hAEIui-Pwr0d6tZ5kEdHzvQYBHqaCcnRLri4Rv5fcwq4b0JNwP-53QcmxRUYoVyHUHadysYgtSF5lDIppvcWZgXr4ijhZLRrHYvJvC2MuA3-dGNU-cx4kAIbkCJIiymRyBrRG904e6vYOCKo8SSmP4io4WYHfyIUMtpddwTyRQDcF75zOpltQ&sai=AMfl-YT4jbFIyRQFjRJLf1eGlgoUH8_HmK5-NDaCTXYYjjURVES-MBPoz1GDKDgHJLSbAEnwCpw-fT0x2MgbkOo&sig=Cg0ArKJSzKLcLnPp38Y4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3F06 146 KB
50 KB 135ms
135ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9865a9052076efe13713c5c89072e117cab907d9be12fa324534c658d17d813c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51091
x-xss-protection: 0
server: cafe
etag: 11454176007889396779
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DC39 17 KB
6 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 56E1 50 KB
18 KB 490ms
489ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294143&bpp=250&bdt=235&idt=573&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C31080334%2C44809004%2C31080504%2C95320890%2C95321626%2C95321966%2C95322166%2C95322319%2C95322326%2C21065725&oid=2&pvsid=2422972194057826&tmod=1061803649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dok9qfjvd2b5&fsb=1&dtd=579

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com&bust=31080504

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

284ec65524e8704271d498a5f3f8f55934e047e6027f3b35458658c0d8bdc684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 18103
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E329 6 KB
3 KB 57ms
56ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:54 GMT
expires: Tue, 21 Jan 2025 17:24:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C9C8 39 KB
16 KB 508ms
508ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=228266070&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294278&bpp=188&bdt=370&idt=465&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=45754261&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080533%2C44809530%2C95322182%2C95320889%2C95321627%2C95322164%2C31080557&oid=2&pvsid=3736950477463667&tmod=1824658010&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.65fr1dddswvm&fsb=1&dtd=471

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceb8986819f631d3f8c553100e2946ba5b035379afb17d00113673ca128ef801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16656
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/ Frame F56A 402 KB
136 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com&bust=31080557

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c207450f3bc541b0c0bc2a7f4801fcdf104f94552c26dc0d17e0608c63bdb5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139603
x-xss-protection: 0
server: cafe
etag: 4052720873829440643
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C5C 39 KB
16 KB 461ms
461ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046727&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294179&bpp=253&bdt=263&idt=586&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080443%2C31080591%2C44809004%2C31080504%2C95321963%2C95320890%2C95321627%2C95322165%2C95322325&oid=2&pvsid=798554487245127&tmod=1786190092&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.84ackw6m3jqq&fsb=1&dtd=591

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5ce0e16dc07e66387e8f20c1a890f31a0e244d8d9021fcec20bfd084418f1fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16557
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A665 13 KB
5 KB 56ms
56ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:09:47 GMT
expires: Tue, 21 Jan 2025 10:09:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C757 829 B
1 KB 184ms
65ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a9b3476f22286b7071932864798907739208b9ecbf4719182e313a75c45135a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3WNbO4sJSQ2t-Y6aR6RzhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3WNbO4sJSQ2t-Y6aR6RzhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:54 GMT
expires: Mon, 22 Jan 2024 17:24:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/ Frame 3F06 402 KB
136 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9be90927457a9b46975fe71fab4c6fbaed179c3b41895001ee998c602a5266a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139610
x-xss-protection: 0
server: cafe
etag: 18210268661715561807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 638F 624 B
400 B 94ms
94ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQt9LfAhif7sOAAjAB&v=APEucNU5r6-mj9E3QqEXtdDvzv4_fcPaHOgdCu-qJCqDHZnMTGCq8gRvpor6gLS4jz3iLh3YgbHo6zwu5jcu0CACk3U0syy5bKuzgj7gCMAZATol1derIvLjccjOmRl5m-2jZiGUlIVV3mKMiTO3BRXVnsAjTdlzIKUhFCV76HORulS0oPgS6kg

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:54 GMT
expires: Mon, 22 Jan 2024 17:24:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E329 172 KB
61 KB 177ms
56ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
Origin: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 23:49:04 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame E329 8 KB
3 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:56:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame E329 23 KB
9 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 11:25:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 11:25:06 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E329 41 KB
14 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 02:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 485801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 02:28:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E329 3 KB
1 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 10:08:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 58E7 1 KB
643 B 56ms
56ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 23 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E329 20 KB
8 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:28:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E329 42 B
65 B 202ms
202ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3M4An2lWS0Ib0GppQALAzrHYt8enJ5xk2pb3vCF7t5-8GiJvlL30tPV3zak7xf5yBc6-p9ZVpYGXsdYi1Vh7doFTZxtN7PQLBsZqrxuuy19dWerc

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E329 0
0 155ms
64ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsixC9swm15g0GfXnX7wZTlWrv9N5FnjeKG-dNB4V-0BiiXgH68ohzv3IwynuqzEMzF1qyHkuKt8XchF3gfT2sbwZL3w
Requested by: Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E329 206 KB
65 KB 112ms
112ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:54 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame A665 39 KB
15 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 09:54:39 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 58E7 35 B
463 B 98ms
31ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBpLP9V3_pk24LVISAkR7Fc&google_cver=1&google_push=AXcoOmSuMiU5mXDBmYLHNL-g7mGkKQadfjNTSx93wZGw-mxgL09obesdz16_uUBCy_yOLky451QTXvzKRp1XiPS-j3ba63tnuXxC

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 58E7 0
104 B 181ms
104ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGOZ0YjI074qqLFXSh5PUCQ&google_cver=1&google_push=AXcoOmSDiuvUI5x_gUp5bN4Y0lD1WlpKuGmfQgKXqfNwPNAIYKd2XFTnThH6aMXpetGslTXyJ3JXf-7NGJStglqC4hkTYQvtIj5fTQ
Requested by: Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 58E7
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHpNzq7tR1aCQOqJuFgk1oc&google_cver=1&google_push=AXcoOmR9GPoH_wC20af5GgO5sQWhIidQmPhCtb3znpdPn9ou5fIHOCBM5sEgPiDpPQVAJt_9aSBmKn4yih3HQsyo...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmR9GPoH_wC20af5GgO5sQWhIidQmPhCtb3znpdPn9ou5fIHOCBM5sEgPiDpPQVAJt_9aSBmKn4yih3HQsyoN41MBetae27RGQ

170 B
243 B

57ms
57ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmR9GPoH_wC20af5GgO5sQWhIidQmPhCtb3znpdPn9ou5fIHOCBM5sEgPiDpPQVAJt_9aSBmKn4yih3HQsyoN41MBetae27RGQ

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 17:24:54 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmR9GPoH_wC20af5GgO5sQWhIidQmPhCtb3znpdPn9ou5fIHOCBM5sEgPiDpPQVAJt_9aSBmKn4yih3HQsyoN41MBetae27RGQ
x-host: tde-deliveryengine-production-5db7bf8975-k484n
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 58E7
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOr2ik-KfuQ3KKPGc6XLn8s&google_cver=1&google_push=AXcoOmQmBjPJJxrVKAZz_FqdgaEJa2FRWaDr2ynT1vjTZyA5ISc2PLX1dR_BlmGkzu_QT7ZCzXC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRRk8tSy01VTky&google_push=AXcoOmQmBjPJJxrVKAZz_FqdgaEJa2FRWaDr2ynT1vjTZyA5ISc2PLX1dR_BlmGkzu_QT7ZCzXCATNehzGC86kddJMdzl7Ja_fnP

170 B
232 B

56ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRRk8tSy01VTky&google_push=AXcoOmQmBjPJJxrVKAZz_FqdgaEJa2FRWaDr2ynT1vjTZyA5ISc2PLX1dR_BlmGkzu_QT7ZCzXCATNehzGC86kddJMdzl7Ja_fnP

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRRk8tSy01VTky&google_push=AXcoOmQmBjPJJxrVKAZz_FqdgaEJa2FRWaDr2ynT1vjTZyA5ISc2PLX1dR_BlmGkzu_QT7ZCzXCATNehzGC86kddJMdzl7Ja_fnP
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 58E7
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMe6B575U3VPEJOVjcPIfAM&google_cver=1&google_push=AXcoOmQ9EiBS7ewdT7k101IngttVlIFt1qdOQHHYSdRsexI22LngRl-MrelrBzYSQ5P6WlQ0oWTnsKMC6elG...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ9EiBS7ewdT7k101IngttVlIFt1qdOQHHYSdRsexI22LngRl-MrelrBzYSQ5P6WlQ0oWTnsKMC6elGT-9vEAl_BDp3iTXEdg

170 B
232 B

56ms
55ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ9EiBS7ewdT7k101IngttVlIFt1qdOQHHYSdRsexI22LngRl-MrelrBzYSQ5P6WlQ0oWTnsKMC6elGT-9vEAl_BDp3iTXEdg

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ9EiBS7ewdT7k101IngttVlIFt1qdOQHHYSdRsexI22LngRl-MrelrBzYSQ5P6WlQ0oWTnsKMC6elGT-9vEAl_BDp3iTXEdg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 58E7
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSs4r9WtjY7a...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEDie4GL3WDyBi0zOKwEtRFw%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSs4r9WtjY7aa3kU_UQ34qxb68AMY...

170 B
232 B

57ms
57ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSs4r9WtjY7aa3kU_UQ34qxb68AMY9g1vR5WsB69sAOhID_hNd8m3DHLzk_0uTU7O4xr-z7xXpbDE8wLvWuayRb6aodhJXsIu8

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:54 GMT
an-x-request-uuid: 9da04420-e293-4efc-b02e-52d271785cda
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSs4r9WtjY7aa3kU_UQ34qxb68AMY9g1vR5WsB69sAOhID_hNd8m3DHLzk_0uTU7O4xr-z7xXpbDE8wLvWuayRb6aodhJXsIu8
x-proxy-origin: 193.32.248.225; 193.32.248.225; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 58E7
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=635d1957-318b-4352-b3b3-651b5a65c707&google_cver=1&google_gid=CAESEFUARBJcL0MWye6eew1R3y4&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
232 B

57ms
57ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=635d1957-318b-4352-b3b3-651b5a65c707&google_cver=1&google_gid=CAESEFUARBJcL0MWye6eew1R3y4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSnn7MkegxLy5qUBrNi6TilKZCdAxHhT5E8KLmWdTK4-n3Y9iOMLWRfCjU3t7MhJucpoBQIH94FC5fVZS_w6CIxCJZgAH-s2ws&gdpr=${GDPR}

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=635d1957-318b-4352-b3b3-651b5a65c707&google_cver=1&google_gid=CAESEFUARBJcL0MWye6eew1R3y4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSnn7MkegxLy5qUBrNi6TilKZCdAxHhT5E8KLmWdTK4-n3Y9iOMLWRfCjU3t7MhJucpoBQIH94FC5fVZS_w6CIxCJZgAH-s2ws&gdpr=${GDPR}
date: Mon, 22 Jan 2024 17:24:54 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 58E7 0
130 B 161ms
55ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9ab8ZEy8w8f2M_0vVaPf_7ttqRPUjdArOREXj51KQW-cfgBZPENCFlSOKwynIMMEQExxXkNs

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 41F5 38 KB
13 KB 56ms
56ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 505846
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 20:54:08 GMT
expires: Wed, 15 Jan 2025 20:54:08 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E329 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1047f11a0a014218c64605637be39455d55f3fe0c66850eefbfed3bd9aaacd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 638F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5i18Ynk8Ktwwgb46b6X-U&google_cver=1

43 B
350 B

49ms
49ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5i18Ynk8Ktwwgb46b6X-U&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQt9LfAhif7sOAAjAB&v=APEucNU5r6-mj9E3QqEXtdDvzv4_fcPaHOgdCu-qJCqDHZnMTGCq8gRvpor6gLS4jz3iLh3YgbHo6zwu5jcu0CACk3U0syy5bKuzgj7gCMAZATol1derIvLjccjOmRl5m-2jZiGUlIVV3mKMiTO3BRXVnsAjTdlzIKUhFCV76HORulS0oPgS6kg
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHPyQZJLuQ724KxboBJKeAG%2BhJgJKNCQjjnU0qsW%2FRvllKr1nvvLSfuFk2zga5WSpCZpG1Z%2FE5NN8yz%2FbN%2Bpu%2F%2BDmP%2F1AyL7kcnCH0oq%2Fs2m89UhmaSJmnWjp%2B73yVfxmx7Y%2BdLzpBgTtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84997e441d7f4480-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5i18Ynk8Ktwwgb46b6X-U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 638F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za6k5sWz.7988uYhe8qJJQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5i18Ynk8Ktwwgb46b6X-U&google_cver=1&google_hm=2

43 B
859 B

58ms
58ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5i18Ynk8Ktwwgb46b6X-U&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQt9LfAhif7sOAAjAB&v=APEucNU5r6-mj9E3QqEXtdDvzv4_fcPaHOgdCu-qJCqDHZnMTGCq8gRvpor6gLS4jz3iLh3YgbHo6zwu5jcu0CACk3U0syy5bKuzgj7gCMAZATol1derIvLjccjOmRl5m-2jZiGUlIVV3mKMiTO3BRXVnsAjTdlzIKUhFCV76HORulS0oPgS6kg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUku9FRrcgVMOkCxe7zvjxMuIpgKxDqBOobdzync07gk55FBktD4NvfxoTRKXtaGpxUBXwn9kjv5RTeF9xz4mdYYv9lNVUWp6iqY%2FYAVFT46IhqiWTFQQul4UVI8KPWmVPRBAyq8GHtbww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84997e44caacaca9-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5i18Ynk8Ktwwgb46b6X-U&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 638F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAogiu6Z0JZ1-9pM7MdyUZg&google_cver=1

43 B
1011 B

34ms
33ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAogiu6Z0JZ1-9pM7MdyUZg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQt9LfAhif7sOAAjAB&v=APEucNU5r6-mj9E3QqEXtdDvzv4_fcPaHOgdCu-qJCqDHZnMTGCq8gRvpor6gLS4jz3iLh3YgbHo6zwu5jcu0CACk3U0syy5bKuzgj7gCMAZATol1derIvLjccjOmRl5m-2jZiGUlIVV3mKMiTO3BRXVnsAjTdlzIKUhFCV76HORulS0oPgS6kg

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
an-x-request-uuid: 499e01e0-0d90-4900-bcec-f74174744356
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 193.32.248.225; 193.32.248.225; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAogiu6Z0JZ1-9pM7MdyUZg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 638F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D

170 B
232 B

58ms
58ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
an-x-request-uuid: 1b6b7068-fd78-45bd-91d7-a3eeae164c14
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D
x-proxy-origin: 193.32.248.225; 193.32.248.225; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A665 0
10 B 56ms
56ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4S9ErA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 41F5 50 KB
19 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 16:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 520556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 16:48:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C757 0
0 202ms
202ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401160101&jk=1982201838539988&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 54C0 48 KB
17 KB 468ms
468ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046725&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294638&bpp=155&bdt=140&idt=351&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C44809531%2C31080505%2C95321958%2C95320869%2C95321626%2C95322163&oid=2&pvsid=2447506523472180&tmod=8997992&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.h682mv4gzvku&fsb=1&dtd=357

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com&bust=31080505

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

542067235850b4a820b4cde2e12986f55883ab054bc26eb99326891864a71ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17813
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F08B 6 KB
3 KB 56ms
55ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:53 GMT
expires: Tue, 21 Jan 2025 17:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E145 48 KB
17 KB 450ms
450ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c60ff586079ec640274f556fd715614b817b71e62289deaf53fd531bd691c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17722
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F08B 24 KB
6 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 490820
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Jan 2025 01:04:35 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame F08B 26 KB
10 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13ab32b7ff4384d8b701b6fb8a8ea31cac46248995ef4baaa73d999ad980c9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10652
x-xss-protection: 0
server: cafe
etag: 383803451723112845
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F08B 206 KB
65 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3073907470465951617/ Frame C8F3 1 KB
769 B 202ms
89ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

813f45a3c07acc01cde57cc78e3366e42b84c2cce443db4f9bdcdbf1990a9e3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 740
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: Tue, 21 Jan 2025 17:24:55 GMT
last-modified: Fri, 02 Dec 2022 15:12:11 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame E329 0
0 194ms
89ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsss1QJyo4xg08kLz-7IF9kaUq4_C1Eiq6ynfesbj53drcmclD1bqruAab1uQmpPdbJPnPoOFkIVmBK19oKrodjrK9l72tlK2L0BQDTxZzcHhjQaDbtwTw6g-XTv4dmaWeqcRNNq3EgGkUvBQWpg39uANwMhp9E9napJko665iUzXVCoQlm8dZdq10EHPuL6weBxBnvg_yrdBd6fvvUZlp0lLnjgm2hXgCEOwozG8_GdbOb9paXq1PW677t3wyIPNoH_1A0HpN8ePEBtl0PY_ut_m3wgxPsA3gqNX2JErtMdhCB4iyNgnCTY6yTSm4xzrtWiPVad0apMyChAhjLjODXeLlhNTo-kIQkZOt0stBQo9E2jbF36azZs8g0pZQMdn8wCSOTDX3it5xFz--_xn7J-Cs2grlUNbixfLvTddsIFoFSfQ_p3C3RJ-xJQVZ2OTjiVFB4Fazzq_c8a5B6sO3-i4XJbly9-KjJQcpATd4KE3-IVOZPZH2KARLcBcN6mYMTC2UghtM07AmI4o5-Y3j5jXULBPRDW1djeKhPoixoqF0I2L6hOGhFJxd7tpiqJaTkDVSePgJ5UqEJkcLVdBJr4u9kik1zftqfLNBkl60geOK3uJB7LEllpCoZ0lfhKQ9qq96FnVr5XNS02bnhkrNqDC6UltzBNVRugZZ8u_DUzg6LPxavqLIUAA6Su6ms7zNeYs7Onrr5auh51c5if3OqUzuvL24ptuYWS3w-8_zy4u5qf4pyVNVt0sgMs3lCYR-_XZ3GfVOKAzAw5dQMzMfzT226j-VbZm0n4MLSLBVT67sQVrBIwyTenKb1F9YsB0NjVjmMJhxd22lDiwutl-17MJZOx0dxNFB-dkQV0tfTJvDiP-DPZe8Ob9rEqbqjWgPvetDIhuYSMWKIqtMOkWd46GBFP9GVhJo5fNoXM0KnMlrWRNu2BiPerE6pyOSZq-orhr0bH97FvZNPxQE3L24KaKd8iT8D8aIsVLmXZDxIe_KWW0MFb7UQHtRPUQjB0I3cLnjmrmMxS6YNb06ScbPQggms9M_uJVIf0Vjn8qRU0aKpAjeNaeszpbZgg-O64ncxtrGEpvXCR7RdL3Uil7wAcZisfBjUCJucpQvaZj3p8jCvVi6MHmksNuVrbR_oiqTyuRwME__n0f-1tRbZsqXAT15CY9tNjZ5X1h5J91fSkSYQ63FNTCqi-SsL9xT0siXK4wlZCOpfjyYnRfSmXQ_kePFvZ1WnYdLy_ixZxw-JS_fxzu2Y2jmHX-eCa9zutqp4Bpw14C-QJdFvjOcvifuJUPdh7t9fuhvJr5QCDTbtWVRwL1AhLDi1WUPmoLSW8C9gsgjGkNY_BmtmAjx0-QlzO8fhYatO8eU1YETlKNpv3AKVXRdrxYbdzNa2DUnHaSI4lEHhVGVW_Dw&sai=AMfl-YTdCfhrf9tM1JFlp2Fy5oKHrEzFkgqQnDhodDIQYn0Zg8KoBTBRxjYpxLrxrh-bD1yAruDxE_aBuV7MQRbe-ErBun_T63ZIlcS-hHR10xnXwqJBcvBu3eOjFBM4FWZRTq8WDGpFB9hGwxLMHilAuy-3wUHxgXNESIPxEPIDwdE_ypwEmvb5JbKHoEgNQn9AzsiNIaoOz-VDr9KZxhAc9s392ryhXQw1WevxWE07jjRaMMJ12qk-8-wQ5-_gPkqEt7cmccRsFu3ufktm8JZBBNrceRC6_Bl0wdSK8Fo-SKQNY7_bAf0mYlJVgPIhePPanQAdq0avyyDl&sig=Cg0ArKJSzMwbrKL7_n29EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zd2lzcy5jb20saHR0cHM6Ly9leGFjdGFnLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=286&cbvp=1&cstd=282&cisv=r20240118.41871&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame E329 60 B
60 B 165ms
35ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lx-mindshare&extProvApi=lx_de&extLi=31026931&extCr=183195740&extPm=382927003&gdpr_consent=&gdpr=

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 17:24:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mo, 22 Jan 2024 05:24:55 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1894
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6C17 0
127 B 31ms
30ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 41F5 0
22 B 209ms
209ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bdt365qSuZZniFoCj9u8P5a-z2AwAAAAAOAHgBAI&bg=!hIelh8jNAAZVxkGXdcY7ADQBe5WfODxQJR_xdf06CTOD4ufDXzlZCIEpIjzDdh92owJvBJMcrkLDC9Ijt6acSkWMnAb2AgAAADBSAAAAAWgBB5kDVj3aP-n8_sEgXsZZ8pzRYpv-N4kO06ixfzn6hEq4X2NTz-zU0GsxB6K5kr6UEukfmppkFHjJUbyLoyx16vdaFs9L07krd3YieIdAMmTYPc2tOM4GxrhQ5OxM-mKt3x6pILqvl2wmfxVAndC1HUNWV1Oic5FkgW2OQPvZ8FWjSEuMgWybXfUIT2bXJ_af9h32Xts3pyajaB31FUWNZbHbEYSJ8a-XQ2_ZaDrm3i946dWl6RAPNxGT_tAdGc2M4oknRI08XudL0VWAX-nFhmUM4ZhQYGxn8am_fznewbWPIHluLnSgvAyf2rOAc1Iem3EQizA0JqNdp6gqzuRqzu-2GydkzTX4Kue_O5gtC74bRoUoSW2cMxEdf04LvjmlAAu5poHTrf_yq2QKEkbu5HjngkIMRG_DuNfnKAg-yScTDwufr_CWErJBVH4vg992XxAa2xgtbsSxHViRarITbxE0o2LjiJ0dR-mXJ_yuduZfqnN64P3FA3giZkg3EMJ9tWqQ1B7vtLP4k1NRC1qIPM3Ujd1G9y3ua487WqKxmIYk9Om6fLkzjPbiwTwN5T6H_3NrWbwues2JW48Obh0iJ3evwzlZqmSg6nKG9OPg77r1luLH9HvRr8Ij2qmz3RkB3q30Nlf8xctidZ9-Vap_CmTlfFI6mgxvRIHNWDz9tXgQwAJFFky9GECYWiK1NrUyYSZvy7HlxvvFnkEEjS6v366sZer8xDkKZxLqsGw15aHhcm7r3yCVCwcHBmDdIYOTcQ3qnC7kahSJMAKEvqaVjdNs_XaXjNKTkf6HjUrsSkIF7PIPr8XAMEHVdGvRwiIkjyYbscdFVjtPp6HXuu51EO7qj2Wnqi6YwHDTKcbe5waV_VCmoe2OAfEb0V0qvov-D1h6khNeFK1gHH0_OTrAAWtHAnS-q6DRc5eXy2sHApBi88WFdl0fky2A0AiwdGLbvav6qkVH2K1CpuzrMnYFKV4SMYQRbJ9jUKhid5tQ7QA_OYr_Y2YVzUJtc38bGLnb4Siy95K95D-aCPfOQKCkyN0scvJj-vwceOSKnQW2otPe3C0KKDncjHhbOWqNFJBV_FYMTT8GOF7BOF3wYuKV6InsCJS501g78uZvZFQCr75b0polfGQv_phI

Requested by

Host: 31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
URL: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F08B 0
26 B 90ms
90ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzKWDwD3qSZTIl2A_td43nOZQwbKs7R3X6NFBTQWzs-sdFE8kovwlVxH-kHtp2ymERYnLo2sBlKBgbxxih_uMhhp7Mg_ygcR6PVBrF-QqrdHu9pKpdh__jksQf9UBDRHlVGNAD4673ioLScgPfwO6Vv6s6MlZQbW0GbVqa0xNsVCbuJjZjiV273pGxqmiRqeFPghQ0K0dT8cuuxGfHgRrH2o7sTKl8RCPChNaki0XGkKg1DUbVF-BRp1a6TIaE2VS-nCSJVOrjiOUR-sYPJB7LHs7FkyoC5D8w6mKcJKmX90Pjh7UxH4BLo_IX7twJva5dXx-5R86POWwpIk_SPLSEeY-mpgHgUYDF_r1SUPnAu9KW9A08EcwY3H7_YZouyPpCPXS-4PAPl_HE8NlQ&sai=AMfl-YQdFoRAztVKMVGSOemvggAyHUacAGkzWh8xhh_t_L0lrjJy3xZ594TesZ3RGW1N6TAGtLnEw0XxRmMQeZo&sig=Cg0ArKJSzJlT5tAytM11EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F08B 146 KB
50 KB 133ms
132ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3af23be82800e61856bc90632b5e54eddda4d159d289aa69cade2508e426215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51094
x-xss-protection: 0
server: cafe
etag: 17556043820531962380
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
DATA 200
OK truncated
/ Frame F08B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2886e27083578211913540635bb548c491e3c95ed5bd66f0559fb01f540abe58

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame D4D9 5 KB
2 KB 129ms
34ms Script
application/javascript 2600:9000:25a2:a800:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=300&h=50&zindex=0&ci=Xm5m1vekkx&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxMDA5Ng&fiu=WG1KVFAyNDVlMA&s=https%3A%2F%2Fwww.xgcartoon.com&ciu=XRAYbd1MgU&btid=NzlCMUI2NUJENUQyQTE1OEZDQUVDQTZBMTNDRjA1REZ8R0ZOUjh2UHUxcnwxNzA1OTQ0Mjk0OTYxfDF8WG1KVFAyNDVlMHxYUkFZYmQxTWdVfDM0NjkwODc2M19FWHwyNTcxNHx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=xgcartoon.com&cip=1&uidu=CAESEBtxA-D3p6bdgLIhzXDeN3s&spidu=GOOGLE&pidu=10096&hmpvu=be53bdf2-3adc-4150-93f8-ed237510a287&hmtsu=3&odtu=2&mtfu=1&crdmu=300x50&cridu=XRAYbd1MgU&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294143&bpp=250&bdt=235&idt=573&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C31080334%2C44809004%2C31080504%2C95320890%2C95321626%2C95321966%2C95322166%2C95322319%2C95322326%2C21065725&oid=2&pvsid=2422972194057826&tmod=1061803649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dok9qfjvd2b5&fsb=1&dtd=579

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25a2:a800:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 07:01:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
age: 382981
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: LM1l7YI5PBs71v4bQZ6Kf1gdOFXhwCRZCbcz3885gfSnqD6m9yTRGQ==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame D4D9 3 KB
1 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 10:08:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame D4D9 20 KB
8 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:28:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D4D9 0
0 64ms
64ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRj-0Me4x4Knh4eIxsciP6UMSM7XNtqvWfR1n_qk88_xjj7nKvv-ios851xokH96f0dBnKhjhEILyUgYAMGpMQjpx38Cg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294143&bpp=250&bdt=235&idt=573&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C31080334%2C44809004%2C31080504%2C95320890%2C95321626%2C95321966%2C95322166%2C95322319%2C95322326%2C21065725&oid=2&pvsid=2422972194057826&tmod=1061803649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dok9qfjvd2b5&fsb=1&dtd=579
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4D9 206 KB
65 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H2 200 XassetZ0Fj4zTx.png
ads.w55c.net/t/d/ Frame D4D9 22 KB
22 KB 114ms
32ms Image
image/png 2600:9000:2491:4e00:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetZ0Fj4zTx.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=NzlCMUI2NUJENUQyQTE1OEZDQUVDQTZBMTNDRjA1REZ8R0ZOUjh2UHUxcnwxNzA1OTQ0Mjk0OTYxfDF8WG1KVFAyNDVlMHxYUkFZYmQxTWdVfDM0NjkwODc2M19FWHwyNTcxNHx8fHwuMFB8VVNE&ei=GOOGLE&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMSMwLjQxMzUyMjg0fElBQjE5IzAuMTYyOTAzNTV8SUFCMTktMTcjMC4xNjI5MDM1NXxJQUI5LTI4IzAuMTYyOTAzNTV8SUFCMS01IzAuMTYyOTAzNTV8SUFCOSMwLjE2MjkwMzU1&ci=Xm5m1vekkx&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fwww.xgcartoon.com&ts=1705944294964&c=DE&r=G-BE&epid=R0wxMDA5Ng&mi=d2Vi&wp_exchange=NWP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294143&bpp=250&bdt=235&idt=573&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C31080334%2C44809004%2C31080504%2C95320890%2C95321626%2C95321966%2C95322166%2C95322319%2C95322326%2C21065725&oid=2&pvsid=2422972194057826&tmod=1061803649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dok9qfjvd2b5&fsb=1&dtd=579
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4e00:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24708f1809ac941959262a8d3bd627d92cc232d3aea08fad908275f4f58c82c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: RHjBx.9.KVQ1v8UkncFyzM1bG5nSstDs
date: Mon, 22 Jan 2024 03:14:49 GMT
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 51017
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 22325
x-amz-meta-height: 50
content-length: 22325
last-modified: Mon, 08 Jan 2024 17:27:00 GMT
server: AmazonS3
etag: "836903d1bfb8bb471259d1fb3d88c2ab"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: oIE2RChxGYPLFELzbjcpvIaMW92JVYOtgbvt-t0uwK624djqbumEiA==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame D4D9 95 B
930 B 273ms
61ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=1553481679790224
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294143&bpp=250&bdt=235&idt=573&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C31080334%2C44809004%2C31080504%2C95320890%2C95321626%2C95321966%2C95322166%2C95322319%2C95322326%2C21065725&oid=2&pvsid=2422972194057826&tmod=1061803649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dok9qfjvd2b5&fsb=1&dtd=579
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , Spain, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 17:24:55 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Thu, 19 Jan 2034 17:24:55 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4EA0 2 KB
3 KB 132ms
57ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jse48w4jcg4dfs1ehbt07883vwzr5b2n0mt0s50mrexkqz963tt5caj4frm5ey8dscknktyve08a8hbxpjwyw8kg2h1bxj2t4szqrf4fwq1rpmay1prsm2296v7y4f50rxqmjptpqxfc0c493ygdjy6rqqe4n61cm4r5pnh6zhmxw6pf3eqeyfw14e9pgjdbhx9kezp2pw07aaqvbm0tsmexrsh18c9ns5vp3bandpqxmbm3ea51ynyytz9g9w538bpd6nkefqg3dmn9r0dq7p159fwdc6m19zd83bkayd03vbstfsz9pfzekb134g5vak83rb2zdbpybspvam84n55yjp07sb5hqfhp3wvnetsxaqnhqrk5ha2n7vwzf7rm3r9hjvp31pyhtvch9vzgqhhdntny60pek9g9yq1tdpcf3mmvwcz9d82h9v2b3t0jtrn2922g4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046727&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294179&bpp=253&bdt=263&idt=586&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080443%2C31080591%2C44809004%2C31080504%2C95321963%2C95320890%2C95321627%2C95322165%2C95322325&oid=2&pvsid=798554487245127&tmod=1786190092&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.84ackw6m3jqq&fsb=1&dtd=591

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9769820d10612f85cee19a81be43be3b11f1513f9b9bfecda37a6bcb47a5cf73

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84997e45dbef3aa3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2C5C 3 KB
1 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 10:08:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 84ED 1 KB
647 B 56ms
56ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 23 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 2C5C 20 KB
8 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:28:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2C5C 0
0 64ms
63ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSy_KdIgeid7AELbkaAdpj27h3k-MBHw3JxF8FaiEK0gPsQajrBkjR7v7T10g9eWLrWgji9gh8TbWxjaFvOa1BNBTbIIw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046727&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294179&bpp=253&bdt=263&idt=586&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080443%2C31080591%2C44809004%2C31080504%2C95321963%2C95320890%2C95321627%2C95322165%2C95322325&oid=2&pvsid=798554487245127&tmod=1786190092&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.84ackw6m3jqq&fsb=1&dtd=591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C5C 206 KB
65 KB 115ms
115ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A40 42 B
64 B 209ms
209ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSYUw44FyMpFCxdv_igtrQfwsaoB5qZdNBeoECimb_l0oUS5WrgiqW1obRgQ1cQ8fJGuM2ZK-TwXzs5XwtmfWwn6y5eE3L5fyDUSmPO2xYHbNoR6tl&sig=Cg0ArKJSzNEt9WNNuWY7EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=807729522&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705944293796&rpt=423&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 801C 147 KB
49 KB 77ms
77ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Za6k5gANOK0GdhVPAAGxSshV6gLGAewU0puOWA&u=%7CKD4fj3fCKrovanf%2FSaPdi%2FYCOBlyoPOEGGFgIgYW0mo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98Df6ZxgfN0MfsbFbpogtsw4cc9fkRv0l-LqqcsUBwxbAAHWhEQHHWYknVLReovlKoJzN0kHz2v5aOH4o3clkjTaZOH3gfdh-Agc7IPrlhiXB6_-y6CNPYhiaTE-_AxCrv7deyxxyOuscnc3_ddZ-aCUHU1_XGIVLsfYaxhOOj5vlPTqFtK9K9VXVaD_3uagSG3sev49QzUPH2Dnga2PKGtT60At2eZeNTVZnBho8KLprTo4fglaKvqgvWDnA1xDGmNa09AW3tPKjsDTEWD3gM-eNTd-RGgcBDRODbQPjfSI7YRCBGK2RF9gLqs-dUCjERjpmA2LHcAWTf6nKwCmmOtMDfZf0Ftodep-fKUzvPWiW98qughkaMk8dr9Js28aKfhdcBOuc5K9gNEul_6AUd_ZLxbZ2iRaQf6cCV6HGET-vU_JYmdWc01X0Y3S7u9Wagi7gh8g0PdlfLka5hdlMuRYntKsSUR4yduBlmhDxDNsSadJ0Pqi8G4cXLheizD9h8xZvAEx2v0NCRQkNKVG28hCRJ60J061HTIyYkYid1JCa2WfxDirDfhhUtdp74O0rl6kerNDvDiBLOc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDJDO5qSuZa3xNM-q2OMPyuKG8A_JntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpArTNAzOYRbI-qAMByAMCqgTMAU_QIg4ETKDbuAH2kRWbvvtXQuPjwXQify7RtfvmkTIGd703m4NfqYyBZ0stTMLezv8VlCwokf7LTaShsQUxHDc4UXIqdJ0uXfKOplv__6tj_9Ldp3TMVWcGna2WBDtsqqwMVpp5jJRPGd76nS2RYp6HwgB_pb7aObQkpTADbGSHxG7uYyWPkMDa8_ZxOk4j3k19FabeUdmhej_bxO0mf5KEUiZr8h28E7W5uuJ2NXe6xTPLbxMi01vbX11DLL5zO1SWmWndLrTnuFAKL4AG0syh34OO9-_qAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5h8rdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pOD_Z74mOBxoAqhUYtHvfzxc2Ew%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=228266070&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294278&bpp=188&bdt=370&idt=465&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=45754261&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080533%2C44809530%2C95322182%2C95320889%2C95321627%2C95322164%2C31080557&oid=2&pvsid=3736950477463667&tmod=1824658010&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.65fr1dddswvm&fsb=1&dtd=471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

089858cb4c96d7fb7819671373a26aa8a92cc7acfaba7d90630c89f668ee1760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:54 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=JsWOkl17BwXBtuHN2yC38OsubZ_d6_Z0zn4Vv-6-SrAb3i9QxRvUs06QAcF6PTo0hG4WbO3C0cN05CG9hSCzC3y9i4EXni8NFhWct1ejiC5NH_vxq6TxZy-etS6BZ12M7lDlzB23DsXgQ83OMuABhDjBbpPHplUxmJoFOshgD4w544U1t-lbgdbHDHtcBeTT3M3dxqaGibESexRVFLW3L1x_K__Cqc-CAYxRhEDHpoVxRqWLbBpp4TGZv14"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 42485143
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C9C8 3 KB
1 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 10:08:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7634 1 KB
647 B 57ms
57ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 23 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C9C8 20 KB
8 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:28:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C9C8 0
0 64ms
64ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_mNteWOB-XsXBwAb4289TssHEDefa3U7ehDO_or9iIXBv1s-G9QUNVYhyprGXOAtiLKS0RLT11TSbM23umBTIN-MM3Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=228266070&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294278&bpp=188&bdt=370&idt=465&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=45754261&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080533%2C44809530%2C95322182%2C95320889%2C95321627%2C95322164%2C31080557&oid=2&pvsid=3736950477463667&tmod=1824658010&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.65fr1dddswvm&fsb=1&dtd=471
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9C8 206 KB
65 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C8F3 113 KB
38 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C8F3 118 KB
40 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Jan 2024 04:12:33 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ Frame F08B 402 KB
136 KB 125ms
125ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae5be78838b959fc4609bb19ebbce1e3b7b024382d4bf70076fc579e4e80bc2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139623
x-xss-protection: 0
server: cafe
etag: 9563882127622604045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBpLP9V3_pk24LVISAkR7Fc&google_cver=1&google_push=AXcoOmSECoV2tWdrx6op9zmPdad3JGYkczV_RabvEojgP2ydRaLUE-5Od1...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSECoV2tWdrx6op9zmPdad3JGYkczV_RabvEojgP2ydRaLUE-5Od12JXMPZZrv35lJ0qYngYANS6MJm6pKyNTj9FE-_cUOtjOQcxC4YmooCNxyDHsNRcDy...

170 B
188 B

59ms
59ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSECoV2tWdrx6op9zmPdad3JGYkczV_RabvEojgP2ydRaLUE-5Od12JXMPZZrv35lJ0qYngYANS6MJm6pKyNTj9FE-_cUOtjOQcxC4YmooCNxyDHsNRcDyDpRZM8UcHMZLqsHx46KQ6LexRXKuTQkmu&google_hm=RWwzj22snwSJ7cz9ntptMw

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmSECoV2tWdrx6op9zmPdad3JGYkczV_RabvEojgP2ydRaLUE-5Od12JXMPZZrv35lJ0qYngYANS6MJm6pKyNTj9FE-_cUOtjOQcxC4YmooCNxyDHsNRcDyDpRZM8UcHMZLqsHx46KQ6LexRXKuTQkmu&google_hm=RWwzj22snwSJ7cz9ntptMw
pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHpNzq7tR1aCQOqJuFgk1oc&google_cver=1&google_push=AXcoOmSJ7xARPMHFO-2cSqTtiyhxZr8DkPSaoL8TeNCdaswZLe4eN_m010yxZV2TmtayI-pUGdgGqAjrXMIk39Bj...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmSJ7xARPMHFO-2cSqTtiyhxZr8DkPSaoL8TeNCdaswZLe4eN_m010yxZV2TmtayI-pUGdgGqAjrXMIk39BjdS-mldH2aMBTJ7h...

170 B
188 B

56ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmSJ7xARPMHFO-2cSqTtiyhxZr8DkPSaoL8TeNCdaswZLe4eN_m010yxZV2TmtayI-pUGdgGqAjrXMIk39BjdS-mldH2aMBTJ7h9l8wldTdRQk1xsZI0Ry0Wh-Zdt9jzxOLe_23VDX_2DNtCfuPRdLk

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmSJ7xARPMHFO-2cSqTtiyhxZr8DkPSaoL8TeNCdaswZLe4eN_m010yxZV2TmtayI-pUGdgGqAjrXMIk39BjdS-mldH2aMBTJ7h9l8wldTdRQk1xsZI0Ry0Wh-Zdt9jzxOLe_23VDX_2DNtCfuPRdLk
x-host: tde-deliveryengine-production-5db7bf8975-67hg6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELTVjcqFzuf5vwMqRTT79ro&google_cver=1&google_push=AXcoOmTmbkSen2g8Rd27KpGzc-7pFlgUCNabE-V0m7sn2EtNRCHZYfdKt8-21Who0yBiDk0jx7TVeR4f13QXtvWsZUIZs-N...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmbkSen2g8Rd27KpGzc-7pFlgUCNabE-V0m7sn2EtNRCHZYfdKt8-21Who0yBiDk0jx7TVeR4f13QXtvWsZUIZs-N6VP_lDnFstawF0ULRUZF-A4CiKZxQ2-Ci9nfRI...

170 B
188 B

62ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmbkSen2g8Rd27KpGzc-7pFlgUCNabE-V0m7sn2EtNRCHZYfdKt8-21Who0yBiDk0jx7TVeR4f13QXtvWsZUIZs-N6VP_lDnFstawF0ULRUZF-A4CiKZxQ2-Ci9nfRIsix-qAT1POneYegSYKRq5y3&google_hm=eS1BMHl1d3dCRTJwRlNBT1JndGRSdFRJZEhuc3NySGZtNX5B

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTmbkSen2g8Rd27KpGzc-7pFlgUCNabE-V0m7sn2EtNRCHZYfdKt8-21Who0yBiDk0jx7TVeR4f13QXtvWsZUIZs-N6VP_lDnFstawF0ULRUZF-A4CiKZxQ2-Ci9nfRIsix-qAT1POneYegSYKRq5y3&google_hm=eS1BMHl1d3dCRTJwRlNBT1JndGRSdFRJZEhuc3NySGZtNX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmRE_XF97Zkp8dpxt5l0HKItsbkqYz-fK8N8f0NEugrhWXepxYp3MpZvYXW28XnXZmRKHvCzu7Vg...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmRE_XF97Zkp8dpxt5l0HKItsbkqYz-fK8N8f0NEugrhWXepxYp3MpZvYXW28XnXZmRKHvC...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmRE_XF97Zkp8dpxt5l0HKItsbkqYz-fK8N8f0NEugrhWXepxYp3MpZvYXW28XnXZmRKHvCzu7...

170 B
188 B

56ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmRE_XF97Zkp8dpxt5l0HKItsbkqYz-fK8N8f0NEugrhWXepxYp3MpZvYXW28XnXZmRKHvCzu7VgBw_0lZvRWCb6WbkFoef-yhLS-7XtN-agkRmIOFnFQ-8B2ZwuNVIWsj_duZZyrD5ksrDp__1sx9g

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmRE_XF97Zkp8dpxt5l0HKItsbkqYz-fK8N8f0NEugrhWXepxYp3MpZvYXW28XnXZmRKHvCzu7VgBw_0lZvRWCb6WbkFoef-yhLS-7XtN-agkRmIOFnFQ-8B2ZwuNVIWsj_duZZyrD5ksrDp__1sx9g
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 84ED
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5JFHnZYVDRzs_ckjRLtrE&google_cver=1&google_push=AXcoOmTaFdGf7wSqzI6BaiJbfsy7R_XiGXfkFp6tCAjn6apQla3Z0Vm3ne-k_iWbEY_dvYrQZkI_k913jTyrih5vr...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5JFHnZYVDRzs_ckjRLtrE&google_cver=1&google_push=AXcoOmTaFdGf7wSqzI6BaiJbfsy7R_XiGXfkFp6tCAjn6apQla3Z0Vm3ne-k_iWbEY_dvYrQZkI_k913jTyrih5vr...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTaFdGf7wSqzI6BaiJbfsy7R_XiGXfkFp6tCAjn6apQla3Z0Vm3ne-k_iWbEY_dvYrQZkI_k913jTyrih5vrIXGfqdv01w4Esw8UctXdQqlORAO9tS5b8kbRdwDG_6eZ...

170 B
188 B

58ms
58ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTaFdGf7wSqzI6BaiJbfsy7R_XiGXfkFp6tCAjn6apQla3Z0Vm3ne-k_iWbEY_dvYrQZkI_k913jTyrih5vrIXGfqdv01w4Esw8UctXdQqlORAO9tS5b8kbRdwDG_6eZNZSOyZgsZYb9291t789_mQ&google_hm=ICPUsGZHfnjSXUhtQc2vAEnm

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 22 Jan 2024 17:24:55 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTaFdGf7wSqzI6BaiJbfsy7R_XiGXfkFp6tCAjn6apQla3Z0Vm3ne-k_iWbEY_dvYrQZkI_k913jTyrih5vrIXGfqdv01w4Esw8UctXdQqlORAO9tS5b8kbRdwDG_6eZNZSOyZgsZYb9291t789_mQ&google_hm=ICPUsGZHfnjSXUhtQc2vAEnm
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 84ED 0
235 B 145ms
59ms Image
text/plain 2600:9000:2190:b800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL4t98437sMsdDUmj0VrZpU&google_cver=1&google_push=AXcoOmRu1fCGR4_M3b5M88qLje7v0LgzvFhbJQK3ozop1QdFdtE4AvvVP74BZkm9yXTZGBgWl-iDX5GZbpzGLFRs6k_Y_L27QFfFUQMHJzk9THBrTk1ycrpmwF4nLClSsSxkaoqY2h11OVvA6Rbnk8InsE49
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046727&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294179&bpp=253&bdt=263&idt=586&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080443%2C31080591%2C44809004%2C31080504%2C95321963%2C95320890%2C95321627%2C95322165%2C95322325&oid=2&pvsid=798554487245127&tmod=1786190092&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.84ackw6m3jqq&fsb=1&dtd=591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:b800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cache-control: no-cache, must-revalidate
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 0jbX8VDJ0TDLW7wcdgU-M5Y53V4T9L_eaimWbTilLYzr4bfcy3GtaQ==
x-cache: Miss from cloudfront

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 84ED 0
45 B 215ms
40ms Image
text/plain 178.32.210.231
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFJw6WK52--GMQOXhD88m0M&google_cver=1&google_push=AXcoOmRyAQSjsChQosR_6HeZjHGoef8UdEIjGWPQ7XOE39Pn6gsu-0QW_zJZwhBJA2_XjZfEdkM9-K8QJUty6GDDiIMoXbhm9iGecfeNwO5i3jfZUs_2Z_9k5Y-oESDtHwXjZqXVbnvGpfmqeBarl-qoud3j
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046727&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294179&bpp=253&bdt=263&idt=586&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080443%2C31080591%2C44809004%2C31080504%2C95321963%2C95320890%2C95321627%2C95322165%2C95322325&oid=2&pvsid=798554487245127&tmod=1786190092&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.84ackw6m3jqq&fsb=1&dtd=591
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.32.210.231 , France, ASN16276 (OVH, FR),
Reverse DNS: ip231.ip-178-32-210.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 84ED 0
12 B 64ms
64ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KWobvidY2cLI4dOGig4zVykvh7YMcx_LUxd5uF3JEcu-2gJi6z8lUTErlr5p0a0kfT3FRF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7634
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKQTrt8oT-lvbn_uswhF0BA&google_cver=1&google_push=AXcoOmS6AxDGRhfnM_mpTcNIH7_16ch_gVDJ2rbiRKYWTb1cBMxtm-vZJj4K2SsY-UuRxdHJtzPDvbxBLcBevfDwd28ubv_6yBvpHX...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=525F9BAA7F7C47598A032459F522CF59&google_push=AXcoOmS6AxDGRhfnM_mpTcNIH7_16ch_gVDJ2rbiRKYWTb1cBMxtm-vZJj4K2SsY-UuRxdHJtzPDvbxBLcBevfD...

170 B
188 B

56ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=525F9BAA7F7C47598A032459F522CF59&google_push=AXcoOmS6AxDGRhfnM_mpTcNIH7_16ch_gVDJ2rbiRKYWTb1cBMxtm-vZJj4K2SsY-UuRxdHJtzPDvbxBLcBevfDwd28ubv_6yBvpHXVJMMclvoJLpG6Go33u55r-q6lznaHw2qb4PdjJ0iLdkk0T-_rmO_6A

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=525F9BAA7F7C47598A032459F522CF59&google_push=AXcoOmS6AxDGRhfnM_mpTcNIH7_16ch_gVDJ2rbiRKYWTb1cBMxtm-vZJj4K2SsY-UuRxdHJtzPDvbxBLcBevfDwd28ubv_6yBvpHXVJMMclvoJLpG6Go33u55r-q6lznaHw2qb4PdjJ0iLdkk0T-_rmO_6A
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 21 Jan 2024 17:24:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7634
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELTVjcqFzuf5vwMqRTT79ro&google_cver=1&google_push=AXcoOmSYUtB-Ew2c0hd9tQTM7sarOdSQuO39w_Bl0OTqTBDC-F3C9U_LLQJzVQtsRVVL2Hgl8vLkYZ72zYqI_9Y43Sb_nmi...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSYUtB-Ew2c0hd9tQTM7sarOdSQuO39w_Bl0OTqTBDC-F3C9U_LLQJzVQtsRVVL2Hgl8vLkYZ72zYqI_9Y43Sb_nmi9O4-og4ukbDmey5miHyuXDh2yHIbQfL_7Fppdi...

170 B
188 B

61ms
61ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSYUtB-Ew2c0hd9tQTM7sarOdSQuO39w_Bl0OTqTBDC-F3C9U_LLQJzVQtsRVVL2Hgl8vLkYZ72zYqI_9Y43Sb_nmi9O4-og4ukbDmey5miHyuXDh2yHIbQfL_7FppdiIrGtUXqdEy7WIsa_qJaw5S_&google_hm=eS1mMW9Ca2NSRTJwRXRFc2dYWHpRcG05cHA0Y2tBZ1NSMn5B

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSYUtB-Ew2c0hd9tQTM7sarOdSQuO39w_Bl0OTqTBDC-F3C9U_LLQJzVQtsRVVL2Hgl8vLkYZ72zYqI_9Y43Sb_nmi9O4-og4ukbDmey5miHyuXDh2yHIbQfL_7FppdiIrGtUXqdEy7WIsa_qJaw5S_&google_hm=eS1mMW9Ca2NSRTJwRXRFc2dYWHpRcG05cHA0Y2tBZ1NSMn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7634
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmT93hB06-6KfnY8aKDMvj9A8pBEV2SgHSJNwq8mNnAKV3iuHjMAtqPdFkWiYEF8t-6FaD7c2F0p...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmT93hB06-6KfnY8aKDMvj9A8pBEV2SgHSJNwq8mNnAKV3iuHjMAtqPdFkWiYEF8t-6FaD7...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTcyNzQ4MjczNjk4NjYyMjU4OQ&google_push=AXcoOmT93hB06-6KfnY8aKDMvj9A8pBEV2SgHSJNwq8mNnAKV3iuHjMAtqPdFkWiYEF8t-6FaD7c2F...

170 B
188 B

58ms
57ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTcyNzQ4MjczNjk4NjYyMjU4OQ&google_push=AXcoOmT93hB06-6KfnY8aKDMvj9A8pBEV2SgHSJNwq8mNnAKV3iuHjMAtqPdFkWiYEF8t-6FaD7c2F0pypHQSYKuVVSN_a9LhZZBrL2Xx22cmtTtuDpm1norWkvhkHsnNRSn2bsjcsblg_vAbXDZZjUhr9jO

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTcyNzQ4MjczNjk4NjYyMjU4OQ&google_push=AXcoOmT93hB06-6KfnY8aKDMvj9A8pBEV2SgHSJNwq8mNnAKV3iuHjMAtqPdFkWiYEF8t-6FaD7c2F0pypHQSYKuVVSN_a9LhZZBrL2Xx22cmtTtuDpm1norWkvhkHsnNRSn2bsjcsblg_vAbXDZZjUhr9jO
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7634
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOr2ik-KfuQ3KKPGc6XLn8s&google_cver=1&google_push=AXcoOmTMIW1tUp-PoDfco5uesKPBfITy3x5Hf9nYE0vZmrG2pTn-JmVrd4kmKFL6UJrTr-1e9jF...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRUFQtMVktSkxMQQ==&google_push=AXcoOmTMIW1tUp-PoDfco5uesKPBfITy3x5Hf9nYE0vZmrG2pTn-JmVrd4kmKFL6UJrTr-1e9jFlQk0q814Ti5buZoMM1iB0m_RE7...

170 B
188 B

63ms
63ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRUFQtMVktSkxMQQ==&google_push=AXcoOmTMIW1tUp-PoDfco5uesKPBfITy3x5Hf9nYE0vZmrG2pTn-JmVrd4kmKFL6UJrTr-1e9jFlQk0q814Ti5buZoMM1iB0m_RE7eoQRg1KYm3EHeQGH_Mroo2jSbL3KXKu1O-4yPA-K3B1HnXVXQvjsCc

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRUFQtMVktSkxMQQ==&google_push=AXcoOmTMIW1tUp-PoDfco5uesKPBfITy3x5Hf9nYE0vZmrG2pTn-JmVrd4kmKFL6UJrTr-1e9jFlQk0q814Ti5buZoMM1iB0m_RE7eoQRg1KYm3EHeQGH_Mroo2jSbL3KXKu1O-4yPA-K3B1HnXVXQvjsCc
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7634
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5JFHnZYVDRzs_ckjRLtrE&google_cver=1&google_push=AXcoOmT5B3tBXdkql8UjUtyQXypTFmBJwlvJ5YtPz1IBxZ731FrsHb5PqieeQe-abKCL4o9Pf9yoMmSFPAo9gjlt2...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEA5JFHnZYVDRzs_ckjRLtrE&google_cver=1&google_push=AXcoOmT5B3tBXdkql8UjUtyQXypTFmBJwlvJ5YtPz1IBxZ731FrsHb5PqieeQe-abKCL4o9Pf9yoMmSFPAo9gjlt2...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT5B3tBXdkql8UjUtyQXypTFmBJwlvJ5YtPz1IBxZ731FrsHb5PqieeQe-abKCL4o9Pf9yoMmSFPAo9gjlt2P_IxsIiHY7HTxBPUGukreyy6oz0s-dY8z5CmkbIB8WBe...

170 B
188 B

56ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT5B3tBXdkql8UjUtyQXypTFmBJwlvJ5YtPz1IBxZ731FrsHb5PqieeQe-abKCL4o9Pf9yoMmSFPAo9gjlt2P_IxsIiHY7HTxBPUGukreyy6oz0s-dY8z5CmkbIB8WBe67OycN8ILyZNYqmQt4gxE04&google_hm=ICPUsGZHfnjSXUhtQc2vAEnm

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 22 Jan 2024 17:24:55 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT5B3tBXdkql8UjUtyQXypTFmBJwlvJ5YtPz1IBxZ731FrsHb5PqieeQe-abKCL4o9Pf9yoMmSFPAo9gjlt2P_IxsIiHY7HTxBPUGukreyy6oz0s-dY8z5CmkbIB8WBe67OycN8ILyZNYqmQt4gxE04&google_hm=ICPUsGZHfnjSXUhtQc2vAEnm
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 7634 0
238 B 125ms
52ms Image
text/plain 2600:9000:2190:b800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL4t98437sMsdDUmj0VrZpU&google_cver=1&google_push=AXcoOmSCnhWfVw5QolVw3r-JAVRfi1h_MgGB53ulpvCXxrlrGK_iumuky-GJJ3_6b-R0qqnEQEmBQFUd27FBebLMlO3nUQTjHPAbSIDFPfQESc3b_BdpsSRzcb1pLrhX5IvhCRtzc4rliZrEfTBmlObvEaOJ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=228266070&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294278&bpp=188&bdt=370&idt=465&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=45754261&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080533%2C44809530%2C95322182%2C95320889%2C95321627%2C95322164%2C31080557&oid=2&pvsid=3736950477463667&tmod=1824658010&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.65fr1dddswvm&fsb=1&dtd=471
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:b800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cache-control: no-cache, must-revalidate
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: TgUV0cSLodPNWSypZ20jI3Zm_bqUVa3SzN-GLevlNOrAAPm1PKpQVQ==
x-cache: Miss from cloudfront

GET
H2 200 ebda
match.360yield.com/match/ Frame 7634 43 B
199 B 174ms
48ms Image
image/gif 34.255.141.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESELXEEgIZAHBXZGI_60YOiT0&google_cver=1&google_push=AXcoOmSdXtY3-oX5Cu1NvOeTH6hLwNCIVK5KvS14B6x9x7ZS6Li2ZURbIH7fqOGGbGQU9PUENI7jCpoKlwNqmBPNemNR0X2eL2z6muu3vqr28MeFqSIIpDRUKOGCdmkkuyF8cu3NNTBqGNs3d1CvtySgxz_E
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=228266070&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294278&bpp=188&bdt=370&idt=465&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=45754261&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080533%2C44809530%2C95322182%2C95320889%2C95321627%2C95322164%2C31080557&oid=2&pvsid=3736950477463667&tmod=1824658010&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.65fr1dddswvm&fsb=1&dtd=471
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.255.141.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-141-62.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 Jan 2024 17:24:55 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7634 0
12 B 53ms
53ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lodzf1J74agp8PQaw_i3eQXeQErLGh0RDYOLfjN7FPxcWvpUE_esQm9fInH46KQRdlqjRW

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame C9C8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f7c2192cfe88054e45b9e96a3a2a7e223cb152dd860c927a1da9a587c516b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 801C 2 KB
1 KB 31ms
30ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Za6k5gANOK0GdhVPAAGxSshV6gLGAewU0puOWA&u=%7CKD4fj3fCKrovanf%2FSaPdi%2FYCOBlyoPOEGGFgIgYW0mo%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZejSh2I_Z98Df6ZxgfN0MfsbFbpogtsw4cc9fkRv0l-LqqcsUBwxbAAHWhEQHHWYknVLReovlKoJzN0kHz2v5aOH4o3clkjTaZOH3gfdh-Agc7IPrlhiXB6_-y6CNPYhiaTE-_AxCrv7deyxxyOuscnc3_ddZ-aCUHU1_XGIVLsfYaxhOOj5vlPTqFtK9K9VXVaD_3uagSG3sev49QzUPH2Dnga2PKGtT60At2eZeNTVZnBho8KLprTo4fglaKvqgvWDnA1xDGmNa09AW3tPKjsDTEWD3gM-eNTd-RGgcBDRODbQPjfSI7YRCBGK2RF9gLqs-dUCjERjpmA2LHcAWTf6nKwCmmOtMDfZf0Ftodep-fKUzvPWiW98qughkaMk8dr9Js28aKfhdcBOuc5K9gNEul_6AUd_ZLxbZ2iRaQf6cCV6HGET-vU_JYmdWc01X0Y3S7u9Wagi7gh8g0PdlfLka5hdlMuRYntKsSUR4yduBlmhDxDNsSadJ0Pqi8G4cXLheizD9h8xZvAEx2v0NCRQkNKVG28hCRJ60J061HTIyYkYid1JCa2WfxDirDfhhUtdp74O0rl6kerNDvDiBLOc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDJDO5qSuZa3xNM-q2OMPyuKG8A_JntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpArTNAzOYRbI-qAMByAMCqgTMAU_QIg4ETKDbuAH2kRWbvvtXQuPjwXQify7RtfvmkTIGd703m4NfqYyBZ0stTMLezv8VlCwokf7LTaShsQUxHDc4UXIqdJ0uXfKOplv__6tj_9Ldp3TMVWcGna2WBDtsqqwMVpp5jJRPGd76nS2RYp6HwgB_pb7aObQkpTADbGSHxG7uYyWPkMDa8_ZxOk4j3k19FabeUdmhej_bxO0mf5KEUiZr8h28E7W5uuJ2NXe6xTPLbxMi01vbX11DLL5zO1SWmWndLrTnuFAKL4AG0syh34OO9-_qAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5h8rdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0pOD_Z74mOBxoAqhUYtHvfzxc2Ew%26client%3Dca-pub-5884294479391638%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:55 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 801C 2 KB
1 KB 34ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:55 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 801C 308 B
636 B 32ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 16 Jan 2025 17:24:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 801C 293 B
621 B 33ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 16 Jan 2025 17:24:55 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 801C 43 B
347 B 35ms
34ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zKhfdTF4dLDEmu9qR04sQQdWv78Lja9kYb5YtV3gOJ_lLstBthoCxmNQgqb7ZzFWTmr0abZtdVgrdYhOKHjQLxHIInU3t6QXJel3Z5RKGX2iwgD1baGddN7lKD9trawec3cSzwC-sPCox2lm7x3U630MbXZaJahmC_q-s45wQNYPbQlkBhHKFmoT0ZHTehs6RqtSO0aer86Vl1tdqCIPLLh8qAEZ70UwhtYP41Nu2hXEIqsL3wt2sWHm_Y1bYYWY4iDxb8bNDFam6ML6aPELKa9Ca84juPiuMgntsv7bwd5-EE9euotso6ox71eOrDAmo5xmVsZKJk6KzyQYQN-WoyxGgKMZ7DbCW1BlGsuFQhyQ-GPg8l7Kn1NW35_m4tBza6p-t1fbuy9c6JWVQpBQLDanVvxRx9gJFSTVwkuLk29UT2hI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1701655
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F78E 1 KB
647 B 56ms
55ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 23 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D4D9 0
19 B 95ms
95ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAZHt5qSuZaafM_Khn88PgLy3iAm6iLSPXJzX7u6pCMCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqAMByAMCqgTJAU_QHq2n1Zlbwsf11JWjd9i3AwB7Ff7BdU6abQu4usVYJRYGaHBEsrYjQtM-Pzei2kXfp00ST1B82t9FgA7zbLhOZRRKhW0_HbqQ-iVSo0OI35DM6s5d8HU5rS3XPF-MVN5iGPpbBDCsc6Gt-ArXYLRZ2cXC3YIOpsG41ybnnAmsN0tVKTUXUpnLQg3WwggsJKvFlzmAplR3IF1-ECBNsnH9B9gkDWXAFHM0McY5gHBktk7rUQlQr7gwPhWy5yJXge2C177JFRsS3oAG2Ym-_byHk6sFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WKizyN3B8YMDgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=cdpgo4JbilI&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_A43Gxa2q3gQYM5ZsxyPij_nRgQY1ee_FZGeitpcNCQoqcpunGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294143&bpp=250&bdt=235&idt=573&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C31080334%2C44809004%2C31080504%2C95320890%2C95321626%2C95321966%2C95322166%2C95322319%2C95322326%2C21065725&oid=2&pvsid=2422972194057826&tmod=1061803649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dok9qfjvd2b5&fsb=1&dtd=579
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200 a.gif
i.w55c.net/ Frame D4D9 42 B
582 B 134ms
28ms Image
image/gif 3.76.149.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=NzlCMUI2NUJENUQyQTE1OEZDQUVDQTZBMTNDRjA1REZ8R0ZOUjh2UHUxcnwxNzA1OTQ0Mjk0OTYxfDF8WG1KVFAyNDVlMHxYUkFZYmQxTWdVfDM0NjkwODc2M19FWHwyNTcxNHx8fHwuMFB8VVNE&ei=GOOGLE&wp_exchange=Za6k5gAMz6YD59DyAA3eADtg2Q4prWFr13KELg&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMSMwLjQxMzUyMjg0fElBQjE5IzAuMTYyOTAzNTV8SUFCMTktMTcjMC4xNjI5MDM1NXxJQUI5LTI4IzAuMTYyOTAzNTV8SUFCMS01IzAuMTYyOTAzNTV8SUFCOSMwLjE2MjkwMzU1&ci=Xm5m1vekkx&fiu=WG1KVFAyNDVlMA&fid=XmJTP245e0&sd=xgcartoon.com&s=https%3A%2F%2Fwww.xgcartoon.com&ts=1705944294964&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-BE&rnd=1553481679790224&epid=R0wxMDA5Ng&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dm=MU0xd3l4WkxMdg&l=emh8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VCdHhBLUQzcDZiZGdMSWh6WERlTjNz&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=pztsIfsELbc7qwIRKzNqkw&buid=Xdb4DXiaK1Q&dv=MUxWSXJn&dip=0.0.0.0&az=europe-west1-c&hmdp=i.w55c.net/h.gif&hmtiu=9484611643830741015000&uidu=CAESEBtxA-D3p6bdgLIhzXDeN3s&spidu=GOOGLE&pidu=10096&hmpvu=be53bdf2-3adc-4150-93f8-ed237510a287&hmtsu=3&odtu=2&mtfu=1&crdmu=300x50&cridu=XRAYbd1MgU&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.76.149.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-76-149-124.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-799-g9c6cd74#rel-ec2-master i-05a941aeab12055fa@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 17:24:54 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-799-g9c6cd74#rel-ec2-master i-05a941aeab12055fa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 801C 12 KB
6 KB 33ms
32ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:55 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 801C 7 KB
7 KB 38ms
31ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

57c6f297f2dc5f2a32d51a397d7faeb827891d8747ab595895560f4dcedb6344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6756
expires: Thu, 16 Jan 2025 09:07:07 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 801C 5 KB
5 KB 43ms
36ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F09%2F1.webp&v=3&w=400&rid=4&s=AXw73D4OAubc6pph5F5wgIpi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c2cad61fe2e4155f3d2f862e29bb1c0a305c4ed49ca98a78bc082debc08a5a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 5066
expires: Mon, 22 Jan 2024 17:25:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 801C 6 KB
6 KB 39ms
33ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 6114
expires: Mon, 22 Jan 2024 18:18:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 801C 8 KB
8 KB 41ms
34ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7784163841e1391b845e917919d600f7ad2512057fa76c890f16cc5848858b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 8136
expires: Mon, 22 Jan 2024 18:06:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 801C 8 KB
8 KB 44ms
37ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

675b94eee8eaa34c60168c5a9260bc17f659ed4a889117242b4a2c9b7802a9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=3600
timing-allow-origin: *
content-length: 8152
expires: Mon, 22 Jan 2024 18:07:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 801C 0
127 B 33ms
30ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=JsWOkl17BwXBtuHN2yC38OsubZ_d6_Z0zn4Vv-6-SrAb3i9QxRvUs06QAcF6PTo0hG4WbO3C0cN05CG9hSCzC3y9i4EXni8NFhWct1ejiC5NH_vxq6TxZy-etS6BZ12M7lDlzB23DsXgQ83OMuABhDjBbpPHplUxmJoFOshgD4w544U1t-lbgdbHDHtcBeTT3M3dxqaGibESexRVFLW3L1x_K__Cqc-CAYxRhEDHpoVxRqWLbBpp4TGZv14&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Jan 2024 17:24:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 801C 2 KB
1 KB 34ms
31ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 801C 2 KB
1 KB 34ms
32ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 16 Jan 2025 17:24:55 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 4EA0 115 KB
14 KB 45ms
44ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jse48w4jcg4dfs1ehbt07883vwzr5b2n0mt0s50mrexkqz963tt5caj4frm5ey8dscknktyve08a8hbxpjwyw8kg2h1bxj2t4szqrf4fwq1rpmay1prsm2296v7y4f50rxqmjptpqxfc0c493ygdjy6rqqe4n61cm4r5pnh6zhmxw6pf3eqeyfw14e9pgjdbhx9kezp2pw07aaqvbm0tsmexrsh18c9ns5vp3bandpqxmbm3ea51ynyytz9g9w538bpd6nkefqg3dmn9r0dq7p159fwdc6m19zd83bkayd03vbstfsz9pfzekb134g5vak83rb2zdbpybspvam84n55yjp07sb5hqfhp3wvnetsxaqnhqrk5ha2n7vwzf7rm3r9hjvp31pyhtvch9vzgqhhdntny60pek9g9yq1tdpcf3mmvwcz9d82h9v2b3t0jtrn2922g4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1jse48w4jcg4dfs1ehbt07883vwzr5b2n0mt0s50mrexkqz963tt5caj4frm5ey8dscknktyve08a8hbxpjwyw8kg2h1bxj2t4szqrf4fwq1rpmay1prsm2296v7y4f50rxqmjptpqxfc0c493ygdjy6rqqe4n61cm4r5pnh6zhmxw6pf3eqeyfw14e9pgjdbhx9kezp2pw07aaqvbm0tsmexrsh18c9ns5vp3bandpqxmbm3ea51ynyytz9g9w538bpd6nkefqg3dmn9r0dq7p159fwdc6m19zd83bkayd03vbstfsz9pfzekb134g5vak83rb2zdbpybspvam84n55yjp07sb5hqfhp3wvnetsxaqnhqrk5ha2n7vwzf7rm3r9hjvp31pyhtvch9vzgqhhdntny60pek9g9yq1tdpcf3mmvwcz9d82h9v2b3t0jtrn2922g4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 728610
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQIPbM8arh8TD%2B%2Fwz6m%2FxK7F1f4TbGs2YE0YmMKvy3qNvKHRC0a8mzvXOOAwpHg79Kic4sUROyBPsQo8WWmjol6BHCcOUSX9Dq4AKra8B5SSkSHJrZrPRpJJxoKr7V5EqhwFmWPBzY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84997e465c853aa3-FRA
expires: Tue, 23 Jan 2024 17:24:55 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4EA0 24 KB
10 KB 51ms
42ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jse48w4jcg4dfs1ehbt07883vwzr5b2n0mt0s50mrexkqz963tt5caj4frm5ey8dscknktyve08a8hbxpjwyw8kg2h1bxj2t4szqrf4fwq1rpmay1prsm2296v7y4f50rxqmjptpqxfc0c493ygdjy6rqqe4n61cm4r5pnh6zhmxw6pf3eqeyfw14e9pgjdbhx9kezp2pw07aaqvbm0tsmexrsh18c9ns5vp3bandpqxmbm3ea51ynyytz9g9w538bpd6nkefqg3dmn9r0dq7p159fwdc6m19zd83bkayd03vbstfsz9pfzekb134g5vak83rb2zdbpybspvam84n55yjp07sb5hqfhp3wvnetsxaqnhqrk5ha2n7vwzf7rm3r9hjvp31pyhtvch9vzgqhhdntny60pek9g9yq1tdpcf3mmvwcz9d82h9v2b3t0jtrn2922g4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 558238
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5kSRL4vBMnAa0f0Qh1wACiw5mfDiLy5zf8G2Tu%2B6MvYwGrvJJKqAA5heeZHpN04ClSglEBJUdmZH3q5gvvp3Lr%2BDVD5dGwh96esa3r7jWKlpXQYFLDk4ZvQc64AVVDXHF9tH%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84997e466c933aa3-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F78E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1&google_push=AXcoOmTvnru0pZehmsNJa1ZfbknS2afaOS9-BVVUUpI7ed2wl25kZgV0vESazv2FK3497QeVoGJl1UPFJ-5aYMS70kYKEZwIFP7d5...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE3MDA0MTM3NjAyMjM0ODY0Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1

43 B
398 B

82ms
33ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 22 Jan 2024 17:24:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F78E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKQTrt8oT-lvbn_uswhF0BA&google_cver=1&google_push=AXcoOmRc1Mgijp7ANxT8ijBMvJT2oYcGAzMOXFMPERHGbsXCPAVBqFY_M8_EHNvEM9exBEIvfGo0hk3J9_4YSpzCAAso_54tnmSZj_...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAC58519139E48E396CCEA28229A73B9&google_push=AXcoOmRc1Mgijp7ANxT8ijBMvJT2oYcGAzMOXFMPERHGbsXCPAVBqFY_M8_EHNvEM9exBEIvfGo0hk3J9_4YSpz...

170 B
188 B

55ms
55ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAC58519139E48E396CCEA28229A73B9&google_push=AXcoOmRc1Mgijp7ANxT8ijBMvJT2oYcGAzMOXFMPERHGbsXCPAVBqFY_M8_EHNvEM9exBEIvfGo0hk3J9_4YSpzCAAso_54tnmSZj_iT5-tKqjTRq2R_stAujHe69cn4im__iZptSYfWAqhV8mrqN8yLNWE

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAC58519139E48E396CCEA28229A73B9&google_push=AXcoOmRc1Mgijp7ANxT8ijBMvJT2oYcGAzMOXFMPERHGbsXCPAVBqFY_M8_EHNvEM9exBEIvfGo0hk3J9_4YSpzCAAso_54tnmSZj_iT5-tKqjTRq2R_stAujHe69cn4im__iZptSYfWAqhV8mrqN8yLNWE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 21 Jan 2024 17:24:55 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F78E 70 B
149 B 144ms
46ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDvLJCw127d9IhI5mIxnzVk&google_cver=1&google_push=AXcoOmTv7ziKj3UhTajXIbuiLYOLOkC9q2iTp0JVnnmQjlxc1Nkq0IuLeN6AfbFl8IsNsDOXIoP1ZCSKGIdcQNA4gczESPPF0c3VK1VhjkUuaOCHNIBEgzRSsoGxc_I-8EYQPVrOZ6UxISEB48Sz9ZLKLVK8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294143&bpp=250&bdt=235&idt=573&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C31080334%2C44809004%2C31080504%2C95320890%2C95321626%2C95321966%2C95322166%2C95322319%2C95322326%2C21065725&oid=2&pvsid=2422972194057826&tmod=1061803649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dok9qfjvd2b5&fsb=1&dtd=579
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame F78E 43 B
235 B 131ms
33ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDGh4oL2NpiTrh7Uv75OvPk&google_cver=1&google_push=AXcoOmQbiuh7MvTMhMEtJn9MJuy-1JDeEpJ2AOPkBs5PASdRV4HoLW-18YesWSBvjIyfbUOYN2SL_FYImXp9b0MT08lUmD5kaqVDmq0IywZZdaPozdWWWLjXyq4QksZHck41k9SQ2_8e06A9Rp0MIoNmy2rZ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294143&bpp=250&bdt=235&idt=573&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C31080334%2C44809004%2C31080504%2C95320890%2C95321626%2C95321966%2C95322166%2C95322319%2C95322326%2C21065725&oid=2&pvsid=2422972194057826&tmod=1061803649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dok9qfjvd2b5&fsb=1&dtd=579
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 17:24:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 dds
rtb.openx.net/sync/ Frame F78E 43 B
236 B 122ms
37ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEH4BgUogcviNaxiIAzXPAvE&google_cver=1&google_push=AXcoOmTmuMIwoUN2DctpdiUabA20LZ6KmLWo6Eui7b1PE32ePnjYfPoEtadYcqwklULezDNWLMwOJ2S3zbZO7J-sxBYI5z34Jt9S7HolN_UVyhdGDIOZMWlyfhvZRHBPbC7PppHY6LeNLi8uRJQRrMkWlFW8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=3704560264&adf=3173046731&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294143&bpp=250&bdt=235&idt=573&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C31080334%2C44809004%2C31080504%2C95320890%2C95321626%2C95321966%2C95322166%2C95322319%2C95322326%2C21065725&oid=2&pvsid=2422972194057826&tmod=1061803649&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.dok9qfjvd2b5&fsb=1&dtd=579
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F78E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOr2ik-KfuQ3KKPGc6XLn8s&google_cver=1&google_push=AXcoOmSwzicmYbs5AkUxwuUggf1m0RO-E7O9XjTnH3pxS8lf03DW2hjOYkQ8DlugpFnAYQx0cab...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRUzYtVS1aOUY=&google_push=AXcoOmSwzicmYbs5AkUxwuUggf1m0RO-E7O9XjTnH3pxS8lf03DW2hjOYkQ8DlugpFnAYQx0cabG-17kThljAQdsRkqd2XD0YDsi5nVbb...

170 B
188 B

55ms
55ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRUzYtVS1aOUY=&google_push=AXcoOmSwzicmYbs5AkUxwuUggf1m0RO-E7O9XjTnH3pxS8lf03DW2hjOYkQ8DlugpFnAYQx0cabG-17kThljAQdsRkqd2XD0YDsi5nVbbWXmUVdmxeh7qebD2gcjoqPP_k_sSNGuWwzd0ShWPo7MFqROZHbc

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRUzYtVS1aOUY=&google_push=AXcoOmSwzicmYbs5AkUxwuUggf1m0RO-E7O9XjTnH3pxS8lf03DW2hjOYkQ8DlugpFnAYQx0cabG-17kThljAQdsRkqd2XD0YDsi5nVbbWXmUVdmxeh7qebD2gcjoqPP_k_sSNGuWwzd0ShWPo7MFqROZHbc
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F78E
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSv6FCPMkk4n...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSv6FCPMkk4nVwzc4aj3mA-LFk3pe...

170 B
188 B

56ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSv6FCPMkk4nVwzc4aj3mA-LFk3pew6zr9os1ddb0rVX55Q6-tGxoFCZ442Md-SVAHvVgn1GkSvTtCTpEzP9nNisBayxygiFdjCgvgLQ6ZBg9Nz6qAFBPK7zKErcHYSGLO3b-_5t81nJdDRnnou7RjGvw

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
an-x-request-uuid: 3848899f-e67d-4fb3-b4c0-95481e0c74b9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODM4MDU5ODQ1NzIxOTkzMzI2NA%3D%3D&google_gid=CAESEDie4GL3WDyBi0zOKwEtRFw&google_cver=1&google_push=AXcoOmSv6FCPMkk4nVwzc4aj3mA-LFk3pew6zr9os1ddb0rVX55Q6-tGxoFCZ442Md-SVAHvVgn1GkSvTtCTpEzP9nNisBayxygiFdjCgvgLQ6ZBg9Nz6qAFBPK7zKErcHYSGLO3b-_5t81nJdDRnnou7RjGvw
x-proxy-origin: 193.32.248.225; 193.32.248.225; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F78E 0
12 B 57ms
53ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LjSkXFwdLY0Rn4XdsKh45F8s-_D7irioLjBnLZtkbdlLXUugWwrZuOg-6OZQVGYoReKxUsbg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C9C8 0
19 B 96ms
95ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLbZA5qSuZa3xNM-q2OMPyuKG8A_JntKxXNWdkfdwwI23ARABIABglfrwgYwHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpArTNAzOYRbI-qAMByAMCqgTJAU_QIg4ETKDbuAH2kRWbvvtXQuPjwXQify7RtfvmkTIGd703m4NfqYyBZ0stTMLezv8VlCwokf7LTaShsQUxHDc4UXIqdJ0uXfKOplv__6tj_9Ldp3TMVWcGna2WBDtsqqwMVpp5jJRPGd76nS2RYp6HwgB_pb7aObQkpTADbGSHxG7uYyWPkMDa8_ZxOk4j3k19FabeUdmhej_bxO0mf5KEUiYp8DwukyZph0SmEq025dpvYTQoZVH1R9_35IPVyeuItXFF5CDHUYAG0syh34OO9-_qAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlj5h8rdwfGDA4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=uswL781BK6w&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_8sathnwf6tYKCioNwzAss8ju7Wp-CbaezS0RWTji5fMnbZz_GAE&cbvp=2&vis=1

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=228266070&adf=3173046730&pi=t.ma~as.3654094576&w=970&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294278&bpp=188&bdt=370&idt=465&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=0&ifk=45754261&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080533%2C44809530%2C95322182%2C95320889%2C95321627%2C95322164%2C31080557&oid=2&pvsid=3736950477463667&tmod=1824658010&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.65fr1dddswvm&fsb=1&dtd=471
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame C9C8 0
125 B 31ms
31ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k6zOGejMCcoHWp2DYgICAAAAh5qJ_JdXDuiAX6nxCK_LhhDmpK5luydyF8nd7yL_wAAAEgAACgpBUVVEQVFFQkFR&wp=Za6k5gANOK0GdhVPAAGxSshV6gLGAewU0puOWA&cbvp=2

Requested by

Host: 740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 180114
server: Kestrel
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 345D 0
0 92ms
92ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuX26fBTiyUmfD1DP2jXDEvom0ZeUjFWZbSG-POH4HDLuCOcKcWOIb9M3YiMzyyYtLizG7PlUAAXBrc6z6DVrGISm2I8nvCf7Gn6pDyo2gEqIXJNPwh8x5jkpj68ZyEf3lsZIJ4sXImyocm2VX_l5hkuqeT1FE2mmw5-cuuKf1V8-zf5iCkMnO-ExUtByAJkEdij-KF9E3MsXCy9dw513z4WKKPYT1k2C3JwDvSGEZcGpSI7GahbWnOTzyppJhSoDLwsCK_KofmPCJnfrRGpcMPGtVwKgT0ISAvVgvlskBQ4m-QUBpeuCJhv2Ogs41MtS3WgzPv0zhu_NCxXeGnrJQc3gsR8wuCoKxesOMGL-wd0niL3yj2XLLfXcueGiQJEWkRB-7CzgoV46CiG9VqD_Y&sai=AMfl-YRPwMc1_mT514AUO6HiheQPIvB6ccWwfbjBQ_9OeBQmpbzUQhxARprTtrqGKc46r9OJwnzGsPMc3MqJZp8&sig=Cg0ArKJSzFF08x8EWZVDEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 345D 16 KB
12 KB 102ms
102ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2fef036a7a117cc6c136b3c78f82478ac0bb8142fc12ca09144eaf1af495357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12267
x-xss-protection: 0

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame B879 2 KB
2 KB 57ms
56ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kaqpxqa535va8f9h53e4x0s1zt11fh9c63xx99738mnqt3tt9abjezvjmr2eecbxwks80mqshs0gek6h4pztrqq97vacd6qw0s5812n8y2feacc1q56g0rkfg07svcb61hv9gf4qds5m5k4r2gknfvkgn0a7sas8zewt4d02yd31enet1qwgnn7hqwdxfna71fa9zb0wn2gyrbvbrhc9mp3q6vbrbxtdv0m5t7qnsbnypa79chqnkcwdg65jtdj89jr4n6w9ke1dxvq4cdesdebr2fegajy7t6v15yvheswjpccjpvy3hq5nwbhnhrbd27hq6rak95xsab9avh7y4gtm9vv8kp7saq7kx5rm1hbp3dbtfph3f2zvzc9s71gfykkrj6pw64q0c9p14c3q3n0csf5hjdpza92w4hgz6h7gcdekqkj31xzgby06sezbnqthm7m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046725&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294638&bpp=155&bdt=140&idt=351&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C44809531%2C31080505%2C95321958%2C95320869%2C95321626%2C95322163&oid=2&pvsid=2447506523472180&tmod=8997992&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.h682mv4gzvku&fsb=1&dtd=357

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c80f1a8a826dede0f2b6778a3e89430b8d822eb08740d8851acd22387af49bd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84997e46ee143a8e-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame D5B6 3 KB
1 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 10:08:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 051F 1 KB
647 B 59ms
59ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 23 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame D5B6 20 KB
8 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:28:59 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5B6 206 KB
65 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame E329 0
0 82ms
82ms Fetch
image/gif 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsss1QJyo4xg08kLz-7IF9kaUq4_C1Eiq6ynfesbj53drcmclD1bqruAab1uQmpPdbJPnPoOFkIVmBK19oKrodjrK9l72tlK2L0BQDTxZzcHhjQaDbtwTw6g-XTv4dmaWeqcRNNq3EgGkUvBQWpg39uANwMhp9E9napJko665iUzXVCoQlm8dZdq10EHPuL6weBxBnvg_yrdBd6fvvUZlp0lLnjgm2hXgCEOwozG8_GdbOb9paXq1PW677t3wyIPNoH_1A0HpN8ePEBtl0PY_ut_m3wgxPsA3gqNX2JErtMdhCB4iyNgnCTY6yTSm4xzrtWiPVad0apMyChAhjLjODXeLlhNTo-kIQkZOt0stBQo9E2jbF36azZs8g0pZQMdn8wCSOTDX3it5xFz--_xn7J-Cs2grlUNbixfLvTddsIFoFSfQ_p3C3RJ-xJQVZ2OTjiVFB4Fazzq_c8a5B6sO3-i4XJbly9-KjJQcpATd4KE3-IVOZPZH2KARLcBcN6mYMTC2UghtM07AmI4o5-Y3j5jXULBPRDW1djeKhPoixoqF0I2L6hOGhFJxd7tpiqJaTkDVSePgJ5UqEJkcLVdBJr4u9kik1zftqfLNBkl60geOK3uJB7LEllpCoZ0lfhKQ9qq96FnVr5XNS02bnhkrNqDC6UltzBNVRugZZ8u_DUzg6LPxavqLIUAA6Su6ms7zNeYs7Onrr5auh51c5if3OqUzuvL24ptuYWS3w-8_zy4u5qf4pyVNVt0sgMs3lCYR-_XZ3GfVOKAzAw5dQMzMfzT226j-VbZm0n4MLSLBVT67sQVrBIwyTenKb1F9YsB0NjVjmMJhxd22lDiwutl-17MJZOx0dxNFB-dkQV0tfTJvDiP-DPZe8Ob9rEqbqjWgPvetDIhuYSMWKIqtMOkWd46GBFP9GVhJo5fNoXM0KnMlrWRNu2BiPerE6pyOSZq-orhr0bH97FvZNPxQE3L24KaKd8iT8D8aIsVLmXZDxIe_KWW0MFb7UQHtRPUQjB0I3cLnjmrmMxS6YNb06ScbPQggms9M_uJVIf0Vjn8qRU0aKpAjeNaeszpbZgg-O64ncxtrGEpvXCR7RdL3Uil7wAcZisfBjUCJucpQvaZj3p8jCvVi6MHmksNuVrbR_oiqTyuRwME__n0f-1tRbZsqXAT15CY9tNjZ5X1h5J91fSkSYQ63FNTCqi-SsL9xT0siXK4wlZCOpfjyYnRfSmXQ_kePFvZ1WnYdLy_ixZxw-JS_fxzu2Y2jmHX-eCa9zutqp4Bpw14C-QJdFvjOcvifuJUPdh7t9fuhvJr5QCDTbtWVRwL1AhLDi1WUPmoLSW8C9gsgjGkNY_BmtmAjx0-QlzO8fhYatO8eU1YETlKNpv3AKVXRdrxYbdzNa2DUnHaSI4lEHhVGVW_Dw&sai=AMfl-YTdCfhrf9tM1JFlp2Fy5oKHrEzFkgqQnDhodDIQYn0Zg8KoBTBRxjYpxLrxrh-bD1yAruDxE_aBuV7MQRbe-ErBun_T63ZIlcS-hHR10xnXwqJBcvBu3eOjFBM4FWZRTq8WDGpFB9hGwxLMHilAuy-3wUHxgXNESIPxEPIDwdE_ypwEmvb5JbKHoEgNQn9AzsiNIaoOz-VDr9KZxhAc9s392ryhXQw1WevxWE07jjRaMMJ12qk-8-wQ5-_gPkqEt7cmccRsFu3ufktm8JZBBNrceRC6_Bl0wdSK8Fo-SKQNY7_bAf0mYlJVgPIhePPanQAdq0avyyDl&sig=Cg0ArKJSzMwbrKL7_n29EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zd2lzcy5jb20saHR0cHM6Ly9leGFjdGFnLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=682&vt=11&dtpt=396&dett=3&cstd=282&cisv=r20240118.41871&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DC39 0
0 209ms
209ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401160101&jk=1982201838539988&bg=!ODulO3TNAAa8BdJLnAU7ADQBe5WfOD8DPkluUZ1N_GL8d4Lg72Kb9h8sSPtrApQOa6mmh5ek356v_4X07-Spzb9zbfd_AgAAAChSAAAAAWgBBwoAQniLn8BxH8Xai6EI19WAEs2R5nw1y9aEieM6qBQ0bO_vZvXS7oz5BjUtox_PbNU1rELhE4RisI1XF_YkzCHxkRKuv5kDD97sSNV03vQFSFQqglAEPe3IFkn-fu_kD6OAtxpiXqsEWgy7QEGCUBnSTG8TD3sJLkWo5fSNnO4YhoLg6IXVtSkAIWZYyNDbyABBZRg6oZi1oTcUKUq1nHOG_P4opRJE6NwPrsaEW7rBS6ZFUDDKS5-Y0DrU82rSuk6efEfl9J9wUeOAvy5EA8xVLVm0Pdqm-lBTacUu_HYgWzz6ClEbffIMSjd53eyoU9lPlsEfX9KnRWRrwtTp6WeciVLKn3398g2CdzmzBSXVICco6Tu7uFB3HNogPaIMECZ2-M4xfnALKc7m7M1Mb6nAmThvIX1tl4_f8BmsWIibW6djyigOB-hFQbwppzih63iOGX3cJrhKBYbHIcqZb0zD_H3d3sFqabRRtJQYlRy55o87n9plGOuZdaXeMLsXmcnOzQO1CoHWaFUNxmOJEOXP-gQovveE2ktNuJsfxMgZdVJ9h_Nw40kNx8Xl7dBTgXIEE7XKCVgQS7zL9BZiQ-V8mhgJQtriTu-5iCiHYzT5ojoTpdLoGTbHqB1B3xmsZcywprVbgycw8RTVJ7SAr9-TJGOQyejYeBVXPpR1QshLXX5T2tmMOuDTO0Hzcg9yTKDQuN1NAHAvysn3ENq5cgSKeCnQQcnFpq0s50QJMp3vEEJyLNW-N5ANL27I9UGgFManlsEJK_OTKx3dDvVLrbJeBMcokHfbRt52KGGuAIPu8B0H6QMjK7Lji8ETj0ft8NcKMSEvLs_KxzZXU0rSeQ0uEmpOkntEWvNcuCfnoD-pecOPiSJbJHeCTHhJ59kL_g6e0hOai9STpB9Wv46iWmdN-TzDny3CjWkBWHV2mB1XDVjEeyI5GNM3w6g4_9k6wFqIZl4DpW_vQ40D8LXuiUryZDgGtANAO18xnmfqgeP2M2m5Xv8N8at7rVNmW3BkImEm09A1YjPInwlrV3ATRPrP1-jwTJUgT7tdnjX-nnP85pa_72bWU60eMtmq1oPLdTHO6qwTjvA1XeapWC_i0Sj9xxwqjDMpxfV3uZObiL8l7EuKmoRcug
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2C5C 0
19 B 94ms
93ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnNXf5qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEyQFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlB1I2O0i_4QwjvnJI8ASGNsIqPNKFn97wCffQ6Iilj7zgzR4rXmF-ABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=EUxewW_N17Q&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_PNUOWgMwhSRD6jvz-jWv0lXEnvc-AizuBciuab4bkYhTN_v0GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046727&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294179&bpp=253&bdt=263&idt=586&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080443%2C31080591%2C44809004%2C31080504%2C95321963%2C95320890%2C95321627%2C95322165%2C95322325&oid=2&pvsid=798554487245127&tmod=1786190092&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.84ackw6m3jqq&fsb=1&dtd=591
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 2C5C 0
103 B 144ms
62ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jwvz8wg5za6w2kpms9tqgdr3zr2nqy30y0g27w4zz8k1887ns9hajdftbr21dhygeb978f0720x89rnt2pw7fb7w1f1taek2z0tnqx6135ws0a6rxw9dafzbktchv7zhe8sc1dehz0k8n8ms5dk21zbk7p4a8rthh48r1bntmj6rwrwpgmfj0689pazzveg3fpbm28a8gebypsg6hj6x79a9nhdd2ax3tz9qt9cpvra0rf001jaz1zbafcg5nkaskf9rygaah1war9reqyajmcsc8sddf174ysja6a737tdxsrb1ftf9sqkdemstwwm79x1ennrf7nkbn477yh98x4jvfa3j6e4bxz1ny02g72cajmkje2k778j5g2gnymw4vaeqr49pwxm4tr&b=Za6k5gANg-YD5_YeAAL6fkLS-ikvZx2wT1m4RA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046727&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294179&bpp=253&bdt=263&idt=586&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080443%2C31080591%2C44809004%2C31080504%2C95321963%2C95320890%2C95321627%2C95322165%2C95322325&oid=2&pvsid=798554487245127&tmod=1786190092&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.84ackw6m3jqq&fsb=1&dtd=591
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 35EF 2 KB
2 KB 40ms
39ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2080149
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 84997e46fe313a8e-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AozNkd0DRtgsw31dAzf4poYdt6cAOoPBJdQGpek%2BWNb0rGePdHjQljnpsTLYxZaEQlw1hnNIMKp8rRsGcQ%2Bff%2BfkNBwR%2BhY%2F47aAK41FG2N%2FXee9ge3IUtp%2Ff1PkcXSOj%2FuPaxo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame D3DA 2 KB
2 KB 57ms
55ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gcgv3bbbq96xx9t4t1mbvg56cc3w5sq0whq40m6qh2d3j768c3tm42jsts20gqfct4jgmb21dzq5fdmjk1qabrmgt5a34mnk2qjbwe8mv043cma6mwctsnet50kxrx6negdbv2ca6x3dab5v3k745w0x5yj495d23cgt5g104xnk1bfqzpv73fa568nbzf94wcxdwn1gvc9zqdkwkjghs2qb5j0qypv3mwzwq15rp6xech8ha05dgkqxk5fd5h8q2237t74q38kyph3w623fcvz4fdbjgng3hpfg29egap659w3c01915690eaht4xt2xxrj7z9vf8xkwd8vhgb127dfhbs6qbxa8t1t2fxhf9wn0ny8r307qjj7ctjs48z9677ejvwwb6xx2ehp52fs363bp9rhnxj712mcxemq11yzecd37vdm42f47kyw3qfm8rnff66&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44db555d2f4d1cb4fb8a1a9772763b469847888f9d5aa166919e51b18ef6b437

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84997e470e403a8e-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3397 3 KB
1 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 10:08:32 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 78C6 1 KB
647 B 58ms
56ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 23 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3397 20 KB
8 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:28:59 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3397 206 KB
65 KB 73ms
71ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1DC7 0
0 90ms
90ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueboLKxw6utQCllCDHAdjtrYBWIedF_yAJAKDJxRluO5pRnIYuyj7xcfuJEAK4uHTq4cgiCe7BhBHi8ItxMgVBfV4eT2oF9WHgFRCyDP3HYUT0rlxW_aQ1axoblUbK_QwoNtMrdudTlBUcBTmB1DWahk0QSKag4_okpmmWLlbpjkUjXnXVj5SjRz6A4LF2zK0_Pwykety2-6Sl-tyKT3nq7WYLtHVXVG8x_5gTorySfkMhaWHkmODrBzI3PqraW1XBkz1baayqWVURSw4uhlEb46H4CPGxzObdE82C1hD7C8Rtld1el5C23P_oE4Y-Kl82MOtP-kBoevQOl1kaL4-wR8GL3LyRNraG8G_aEo7BoH5-B9b-cGZn3auH7vBybuHM1mbvHttsgSGzL7WzPA&sai=AMfl-YRw_mhVBN6bZ6_JwvQOl2Ok6gm76gO9CzxVz71fZny-CNgpzDqImepq0ApsKtWjRBvwMWBQZHco6oavglY&sig=Cg0ArKJSzMIwi-1TsDwpEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1DC7 16 KB
12 KB 102ms
102ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68065b3020de1762bac48d920b7950bfced5ee1005585ca3df3ee62d3d41218d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12299
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3965 41 KB
17 KB 447ms
447ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beec0092a647ed9f2462b81eda57c12fce8913689315c5db8cf83d13bf3dc9cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17479
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4672102/ Frame C8F3 4 KB
2 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4672102/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b95179c7695d6f272190773fc0488184a5ddfc81e6727847cd4a54de9259f5e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:11:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1819
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 13:21:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 17:26:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C8F3 8 KB
6 KB 97ms
97ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3e1c3ddd971246777cf608f58b76b12c513b5cdcb104aa0aa70a17810aaa57a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6021
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B879 115 KB
14 KB 43ms
41ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kaqpxqa535va8f9h53e4x0s1zt11fh9c63xx99738mnqt3tt9abjezvjmr2eecbxwks80mqshs0gek6h4pztrqq97vacd6qw0s5812n8y2feacc1q56g0rkfg07svcb61hv9gf4qds5m5k4r2gknfvkgn0a7sas8zewt4d02yd31enet1qwgnn7hqwdxfna71fa9zb0wn2gyrbvbrhc9mp3q6vbrbxtdv0m5t7qnsbnypa79chqnkcwdg65jtdj89jr4n6w9ke1dxvq4cdesdebr2fegajy7t6v15yvheswjpccjpvy3hq5nwbhnhrbd27hq6rak95xsab9avh7y4gtm9vv8kp7saq7kx5rm1hbp3dbtfph3f2zvzc9s71gfykkrj6pw64q0c9p14c3q3n0csf5hjdpza92w4hgz6h7gcdekqkj31xzgby06sezbnqthm7m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kaqpxqa535va8f9h53e4x0s1zt11fh9c63xx99738mnqt3tt9abjezvjmr2eecbxwks80mqshs0gek6h4pztrqq97vacd6qw0s5812n8y2feacc1q56g0rkfg07svcb61hv9gf4qds5m5k4r2gknfvkgn0a7sas8zewt4d02yd31enet1qwgnn7hqwdxfna71fa9zb0wn2gyrbvbrhc9mp3q6vbrbxtdv0m5t7qnsbnypa79chqnkcwdg65jtdj89jr4n6w9ke1dxvq4cdesdebr2fegajy7t6v15yvheswjpccjpvy3hq5nwbhnhrbd27hq6rak95xsab9avh7y4gtm9vv8kp7saq7kx5rm1hbp3dbtfph3f2zvzc9s71gfykkrj6pw64q0c9p14c3q3n0csf5hjdpza92w4hgz6h7gcdekqkj31xzgby06sezbnqthm7m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 728610
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCJkzx7BIRv8qYUS2nHzghCVV%2B6jVCo2CyYiTRCMu3xrhYVBw48Zrr%2FSGu8vVsAwXE6ryIs8GRS0UHPcXkbqxkxnpjtWCfYUCDO7V7BbekRsGD34ObL%2F1Nz7Unhr9vWiysjYqQWzKaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84997e474e8f3a8e-FRA
expires: Tue, 23 Jan 2024 17:24:55 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame B879 24 KB
10 KB 70ms
68ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kaqpxqa535va8f9h53e4x0s1zt11fh9c63xx99738mnqt3tt9abjezvjmr2eecbxwks80mqshs0gek6h4pztrqq97vacd6qw0s5812n8y2feacc1q56g0rkfg07svcb61hv9gf4qds5m5k4r2gknfvkgn0a7sas8zewt4d02yd31enet1qwgnn7hqwdxfna71fa9zb0wn2gyrbvbrhc9mp3q6vbrbxtdv0m5t7qnsbnypa79chqnkcwdg65jtdj89jr4n6w9ke1dxvq4cdesdebr2fegajy7t6v15yvheswjpccjpvy3hq5nwbhnhrbd27hq6rak95xsab9avh7y4gtm9vv8kp7saq7kx5rm1hbp3dbtfph3f2zvzc9s71gfykkrj6pw64q0c9p14c3q3n0csf5hjdpza92w4hgz6h7gcdekqkj31xzgby06sezbnqthm7m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 558238
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPSxTpo1xVA6RKl9BLoLHtZhSBZDgQX%2FccSzblAgfez6E58wGFmE2QrngK%2Fzx%2FD8QJWTKJp4mn0Zu9sck9lhPFM5pKTA%2FUwYlMTQDYZ42Hzb7a4F3cE3TZpUcdJYPoTVWS3YYbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84997e474e923a8e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 051F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1&google_push=AXcoOmQ04zF-sbiTL-HvhmGpaLBwYhpPfpDnA8cCWxT2v2ckqE9hT9ob29HorIlStJUxD-FzbaisQfQS_5hgntW44X1yg03317zSd...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE3MDA0MTM3NjAyMjM0ODY0Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1

43 B
398 B

33ms
33ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046725&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294638&bpp=155&bdt=140&idt=351&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C44809531%2C31080505%2C95321958%2C95320869%2C95321626%2C95322163&oid=2&pvsid=2447506523472180&tmod=8997992&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.h682mv4gzvku&fsb=1&dtd=357
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 22 Jan 2024 17:24:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH1pL-GeBpjRGnGQ1EQR_yA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 051F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBtxA-D3p6bdgLIhzXDeN3s&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UFJZekFveWcxUnJZMno1&google_gid=CAESEBtxA-D3p6bdgLIhzXDeN3s&google_cver=1&google_push=AXcoOmQRD0VW_bZ1pjp2QP45xaN-NAy7hYcpr7hZRuyF-k7...

170 B
188 B

56ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UFJZekFveWcxUnJZMno1&google_gid=CAESEBtxA-D3p6bdgLIhzXDeN3s&google_cver=1&google_push=AXcoOmQRD0VW_bZ1pjp2QP45xaN-NAy7hYcpr7hZRuyF-k7wSvZSOJ8KHBLYSlZgUjySqZODDNkimSHt2J5UE1CpJEq1FYmeyu6OHcmwvcenvGRbHzTANpLj7i3gDR_XlJTWiEiTy1xCXgK7UQRHD6fGLT1-

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 17:24:54 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-05a941aeab12055fa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UFJZekFveWcxUnJZMno1&google_gid=CAESEBtxA-D3p6bdgLIhzXDeN3s&google_cver=1&google_push=AXcoOmQRD0VW_bZ1pjp2QP45xaN-NAy7hYcpr7hZRuyF-k7wSvZSOJ8KHBLYSlZgUjySqZODDNkimSHt2J5UE1CpJEq1FYmeyu6OHcmwvcenvGRbHzTANpLj7i3gDR_XlJTWiEiTy1xCXgK7UQRHD6fGLT1-
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 051F
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHpNzq7tR1aCQOqJuFgk1oc&google_cver=1&google_push=AXcoOmTCM15CXe4i-6zBTt4bTOWfaDGn747uYyA8Rl9rN13L9uaf59L6AxRmaxKZMUWD3UVeZR1uFk9o7NnKLYJF...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmTCM15CXe4i-6zBTt4bTOWfaDGn747uYyA8Rl9rN13L9uaf59L6AxRmaxKZMUWD3UVeZR1uFk9o7NnKLYJFhGFSKc3qzbyrKpn...

170 B
188 B

57ms
57ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmTCM15CXe4i-6zBTt4bTOWfaDGn747uYyA8Rl9rN13L9uaf59L6AxRmaxKZMUWD3UVeZR1uFk9o7NnKLYJFhGFSKc3qzbyrKpnIwZdFroUeTBPsZeAycVcHjqR17Y8bivw4PuirW7zqzHMn74s0TjQ

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5jXluOmoQGYlB3PP_3fP2w&google_push=AXcoOmTCM15CXe4i-6zBTt4bTOWfaDGn747uYyA8Rl9rN13L9uaf59L6AxRmaxKZMUWD3UVeZR1uFk9o7NnKLYJFhGFSKc3qzbyrKpnIwZdFroUeTBPsZeAycVcHjqR17Y8bivw4PuirW7zqzHMn74s0TjQ
x-host: tde-deliveryengine-production-5db7bf8975-vgdfp
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 051F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmT4apPNaZPMlfUFokCu8nGFmO89NI9-HOe_xA0bhgPRB6KfV22lq7d90phHUDriKg8uiztPaWDm...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmT4apPNaZPMlfUFokCu8nGFmO89NI9-HOe_xA0bhgPRB6KfV22lq7d90phHUDriKg8uiztPaW...

170 B
188 B

55ms
55ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmT4apPNaZPMlfUFokCu8nGFmO89NI9-HOe_xA0bhgPRB6KfV22lq7d90phHUDriKg8uiztPaWDm6iDm76GhfIfNwZ3OdPKL9tpIh7S0W-gu13JBh-oZ8dr0DJjYVSNTxAWd-S0WFzJcHbs30oryu-d3

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmT4apPNaZPMlfUFokCu8nGFmO89NI9-HOe_xA0bhgPRB6KfV22lq7d90phHUDriKg8uiztPaWDm6iDm76GhfIfNwZ3OdPKL9tpIh7S0W-gu13JBh-oZ8dr0DJjYVSNTxAWd-S0WFzJcHbs30oryu-d3
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 051F 43 B
94 B 45ms
40ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEH4BgUogcviNaxiIAzXPAvE&google_cver=1&google_push=AXcoOmQVb8Rssgci0BA153iXf7IPkH-oOyhMb_EOzEizs4ZMWw7DTk2t4pnjQL0hOZy_tM4cAp_FnNnNFD_n047Z3Bwu2tyfBazN-NYCnI8fUKxwMDb5IHGK4samaQkK2-8WzVLd-whUhxgMiXlU3VzeN5I
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046725&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294638&bpp=155&bdt=140&idt=351&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C44809531%2C31080505%2C95321958%2C95320869%2C95321626%2C95322163&oid=2&pvsid=2447506523472180&tmod=8997992&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.h682mv4gzvku&fsb=1&dtd=357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 051F 0
166 B 115ms
35ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFbxTzMURcFvCd6fsoXfmpk&google_cver=1&google_push=AXcoOmRqVEiMu-hmYDDON5H94QwLROdAghoE_199tMo6gqkEcGAho3VuCDX4Ec4GEHhG779ke4xRTkGmJeLU8GCMZX7BdBMrIu1zChgffrsXLdYyqfUU8f9RgjRxSmkzzVLHv0d_rj2A7lA3QKhrwe3nszM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046725&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294638&bpp=155&bdt=140&idt=351&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C44809531%2C31080505%2C95321958%2C95320869%2C95321626%2C95322163&oid=2&pvsid=2447506523472180&tmod=8997992&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.h682mv4gzvku&fsb=1&dtd=357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 22 Jan 2024 17:24:54 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 051F
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=635d1957-318b-4352-b3b3-651b5a65c707&google_cver=1&google_gid=CAESEFUARBJcL0MWye6eew1R3y4&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

55ms
55ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=635d1957-318b-4352-b3b3-651b5a65c707&google_cver=1&google_gid=CAESEFUARBJcL0MWye6eew1R3y4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSx5xXpIeplE3aDncUh5q9yLl09fH4OfvVJsztRTv_VHPGcUnF_YQq7j2PJPQAyv13oXshZL0GPqeM-5uDAQ3rE-eptYIAO0qeUNnDUSGblksSH2jMkGNFaGF_SFPA2vMG2pGXXA8qLtGIyT52_hVD9mw&gdpr=${GDPR}

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=635d1957-318b-4352-b3b3-651b5a65c707&google_cver=1&google_gid=CAESEFUARBJcL0MWye6eew1R3y4&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmSx5xXpIeplE3aDncUh5q9yLl09fH4OfvVJsztRTv_VHPGcUnF_YQq7j2PJPQAyv13oXshZL0GPqeM-5uDAQ3rE-eptYIAO0qeUNnDUSGblksSH2jMkGNFaGF_SFPA2vMG2pGXXA8qLtGIyT52_hVD9mw&gdpr=${GDPR}
date: Mon, 22 Jan 2024 17:24:55 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 051F 0
12 B 57ms
54ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JGKKUgHnhveakgERq9POl3YBF0n4yrUzKoviJdMSzYKZ3dJyFGG7LRsffbTXHOEjuZRoZq7Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame D3DA 115 KB
14 KB 51ms
48ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gcgv3bbbq96xx9t4t1mbvg56cc3w5sq0whq40m6qh2d3j768c3tm42jsts20gqfct4jgmb21dzq5fdmjk1qabrmgt5a34mnk2qjbwe8mv043cma6mwctsnet50kxrx6negdbv2ca6x3dab5v3k745w0x5yj495d23cgt5g104xnk1bfqzpv73fa568nbzf94wcxdwn1gvc9zqdkwkjghs2qb5j0qypv3mwzwq15rp6xech8ha05dgkqxk5fd5h8q2237t74q38kyph3w623fcvz4fdbjgng3hpfg29egap659w3c01915690eaht4xt2xxrj7z9vf8xkwd8vhgb127dfhbs6qbxa8t1t2fxhf9wn0ny8r307qjj7ctjs48z9677ejvwwb6xx2ehp52fs363bp9rhnxj712mcxemq11yzecd37vdm42f47kyw3qfm8rnff66&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gcgv3bbbq96xx9t4t1mbvg56cc3w5sq0whq40m6qh2d3j768c3tm42jsts20gqfct4jgmb21dzq5fdmjk1qabrmgt5a34mnk2qjbwe8mv043cma6mwctsnet50kxrx6negdbv2ca6x3dab5v3k745w0x5yj495d23cgt5g104xnk1bfqzpv73fa568nbzf94wcxdwn1gvc9zqdkwkjghs2qb5j0qypv3mwzwq15rp6xech8ha05dgkqxk5fd5h8q2237t74q38kyph3w623fcvz4fdbjgng3hpfg29egap659w3c01915690eaht4xt2xxrj7z9vf8xkwd8vhgb127dfhbs6qbxa8t1t2fxhf9wn0ny8r307qjj7ctjs48z9677ejvwwb6xx2ehp52fs363bp9rhnxj712mcxemq11yzecd37vdm42f47kyw3qfm8rnff66&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 728610
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZrMIdEN34sFREAbEPAQvUhW4dhiqveEcaMG0GNHRre3UBmChLCvwGiv%2BKR1TI6qx%2Bt%2F70Ka%2FfhX6X0aHrwKj%2FgxOUvBvWkV7ewvHe6T7tCRIVnU%2BDWV255PR4JqPiIf6ximkYb%2F1TI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84997e476ebb3a8e-FRA
expires: Tue, 23 Jan 2024 17:24:55 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame D3DA 24 KB
10 KB 77ms
74ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gcgv3bbbq96xx9t4t1mbvg56cc3w5sq0whq40m6qh2d3j768c3tm42jsts20gqfct4jgmb21dzq5fdmjk1qabrmgt5a34mnk2qjbwe8mv043cma6mwctsnet50kxrx6negdbv2ca6x3dab5v3k745w0x5yj495d23cgt5g104xnk1bfqzpv73fa568nbzf94wcxdwn1gvc9zqdkwkjghs2qb5j0qypv3mwzwq15rp6xech8ha05dgkqxk5fd5h8q2237t74q38kyph3w623fcvz4fdbjgng3hpfg29egap659w3c01915690eaht4xt2xxrj7z9vf8xkwd8vhgb127dfhbs6qbxa8t1t2fxhf9wn0ny8r307qjj7ctjs48z9677ejvwwb6xx2ehp52fs363bp9rhnxj712mcxemq11yzecd37vdm42f47kyw3qfm8rnff66&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jan 2024 06:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 558238
etag: W/"ea6b8b5621410c697cbfca30307bc4ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5m4GIXC1mrrK%2BdPbiu78F%2F58myFAh0q%2BA294pmUk7XmupVm0%2FS2DVTX352jqtV8xVSnuaZ9qoGnO7ZThhWL%2Fed5EarqGDsLJiiAUsfCDxi2bL4X3q65cEa2TGZpZtFAX3B3R8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 84997e476ebe3a8e-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 06:20:57 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 78C6 35 B
210 B 32ms
31ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBpLP9V3_pk24LVISAkR7Fc&google_cver=1&google_push=AXcoOmR9XakXAphhMnqj_vn8ckUeYxMuMHVojDhm1VAjfZUaj8tVH3YUNgFLqk_DSd1PBXdOYiiKQSILiDZ178-q_g2jl2ryWRCKqAceeoV_62FHawSQOjqZ_f7IvL2C0gesZyLgDIXOSQzx5O7RVdCxhDCx

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 78C6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOYDH9GirIitN1e48wFhuto&google_cver=1&google_push=AXcoOmS6MmshRXQXbwSSpDqxgjjohbKRSyFEgj0ZMcLwazRW7n-J76hxQJapOQNkTDkg1ugNRnJM6QW8Mr9mby9BcPulBatSjkmru...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOYDH9GirIitN1e48wFhuto&google_cver=1&google_push=AXcoOmS6MmshRXQXbwSSpDqxgjjohbKRSyFEgj0ZMcLwazRW7n-J76hxQJapOQNkTDkg1ugNRnJM6QW8Mr9mby9BcPulBatSjkm...

43 B
451 B

212ms
211ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOYDH9GirIitN1e48wFhuto&google_cver=1&google_push=AXcoOmS6MmshRXQXbwSSpDqxgjjohbKRSyFEgj0ZMcLwazRW7n-J76hxQJapOQNkTDkg1ugNRnJM6QW8Mr9mby9BcPulBatSjkmruOYiUxeNB1fLrIGMU88V_EqYxTf8et-nU-BfpSgyhydhDrrlIzCxwkp2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS6MmshRXQXbwSSpDqxgjjohbKRSyFEgj0ZMcLwazRW7n-J76hxQJapOQNkTDkg1ugNRnJM6QW8Mr9mby9BcPulBatSjkmruOYiUxeNB1fLrIGMU88V_EqYxTf8et-nU-BfpSgyhydhDrrlIzCxwkp2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:56 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84997e493b923506-WAW
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 720
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOYDH9GirIitN1e48wFhuto&google_cver=1&google_push=AXcoOmS6MmshRXQXbwSSpDqxgjjohbKRSyFEgj0ZMcLwazRW7n-J76hxQJapOQNkTDkg1ugNRnJM6QW8Mr9mby9BcPulBatSjkmruOYiUxeNB1fLrIGMU88V_EqYxTf8et-nU-BfpSgyhydhDrrlIzCxwkp2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmS6MmshRXQXbwSSpDqxgjjohbKRSyFEgj0ZMcLwazRW7n-J76hxQJapOQNkTDkg1ugNRnJM6QW8Mr9mby9BcPulBatSjkmruOYiUxeNB1fLrIGMU88V_EqYxTf8et-nU-BfpSgyhydhDrrlIzCxwkp2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84997e47e9603506-WAW
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 78C6 43 B
235 B 34ms
33ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDGh4oL2NpiTrh7Uv75OvPk&google_cver=1&google_push=AXcoOmSF-1BhQxaM3M6mX3Vs00WFmAdhbMPgDJ_99_qzgf33b-LU4aOobusYccPHh4NtDcwSeAz9Z27wbnaIEUSZzrmpaeAbZkTeK0yQDTphUT-3DOuXJiISzDegfrNeDApKAqVpX8idqhw3qmOSjbsOxDHc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 17:24:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 78C6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMuKJplgIDAR3svX7Dau6Dk&google_cver=1&google_push=AXcoOmQ2lN266u8bwZvl-h9khG_S4Pye0W4m77619A4R3v_52s7KM7wfP1D6VMAzOLOKck3MDI76o2-H...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmQ2lN266u8bwZvl-h9khG_S4Pye0W4m77619A4R3v_52s7KM7wfP1D6VMAzOLOKck3MDI76o2...

170 B
188 B

56ms
55ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmQ2lN266u8bwZvl-h9khG_S4Pye0W4m77619A4R3v_52s7KM7wfP1D6VMAzOLOKck3MDI76o2-HK4WTPegAAF_iP59AfUy0lcIs2XZ9tYC8tRiR6Y4vU-7_EGeZDueKp46ojjsiWeQFA0w3dt_SIMi2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNDk2OTI4NDE5MzMwNDcwMg&google_push=AXcoOmQ2lN266u8bwZvl-h9khG_S4Pye0W4m77619A4R3v_52s7KM7wfP1D6VMAzOLOKck3MDI76o2-HK4WTPegAAF_iP59AfUy0lcIs2XZ9tYC8tRiR6Y4vU-7_EGeZDueKp46ojjsiWeQFA0w3dt_SIMi2
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 78C6 43 B
94 B 38ms
37ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEH4BgUogcviNaxiIAzXPAvE&google_cver=1&google_push=AXcoOmT7PEvLHQaKgZH7Hk_IGcc1dbypkaqOpqKdPJABWMVYD0tGARiccY3nqjblaf0zto2ZNNuQBfKr5LBHR9pH8UAbk33yi0Qjff0Ia12P9dXtFjwHwI9UQ7L_vC0L5tJaCMRWEMX00jF4dCMOK-pwJsA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 78C6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOr2ik-KfuQ3KKPGc6XLn8s&google_cver=1&google_push=AXcoOmTGTDcr6U3KmvJbLJiNlrTRAKoM57VbT1feIxJvsLIS87iHBnjzTMTbZXsEYL7IvPgqF91...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRV0UtMU4tTDZDNg==&google_push=AXcoOmTGTDcr6U3KmvJbLJiNlrTRAKoM57VbT1feIxJvsLIS87iHBnjzTMTbZXsEYL7IvPgqF91NHsV4tc39gYWgUCYyGVDFAzDCW...

170 B
188 B

56ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRV0UtMU4tTDZDNg==&google_push=AXcoOmTGTDcr6U3KmvJbLJiNlrTRAKoM57VbT1feIxJvsLIS87iHBnjzTMTbZXsEYL7IvPgqF91NHsV4tc39gYWgUCYyGVDFAzDCWVcJQ3WGBAMzMe3hMkqkj4FPNTlo5OyUU1Z_AzNxRdn5XB54D113gE1k

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQNzZRV0UtMU4tTDZDNg==&google_push=AXcoOmTGTDcr6U3KmvJbLJiNlrTRAKoM57VbT1feIxJvsLIS87iHBnjzTMTbZXsEYL7IvPgqF91NHsV4tc39gYWgUCYyGVDFAzDCWVcJQ3WGBAMzMe3hMkqkj4FPNTlo5OyUU1Z_AzNxRdn5XB54D113gE1k
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

GET
H/1.1 200
OK https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 78C6 43 B
235 B 67ms
33ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEEK3WW-7vhMSs2DVLGRKZJ4&google_cver=1&google_push=AXcoOmQ7QPHX-NursBE6LDLKQ3smDa0067e7VRZn3g5aFc1Ke-vOTNSUckZv_DbUkaHqLZI6rhm1hw8EvIXBfxHCBvEyyveDBo7FfLQ05thMM51Vwu36mtj5Bzn46-7O5u1jzOgjI2ACkWESZN5JwKuruPSMxA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 17:24:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 78C6 0
12 B 54ms
54ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I_sO_qPJ0xoA-6psCEZXyObnWXNRNmK_idZHxiuGVbLC_lMWVps1uM4t0vaDTV5zBtGlyN_g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 rs Show response
ad4m.at/ Frame 4EA0 1 KB
2 KB 58ms
58ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44700b1233823163b275ef449b07416584e34fcfa84ea278add52634ea3cf4f7

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWt0ToDPzlK4XcarMjcXYiMPs%2B4OXOzOS0VkuXtUDJ5Mm9e06bosdHgHyYrIZOn%2BrQL0TwWou%2Biicb02JcVxaQlQVHlfViOgyf0K74T3Y5sIlsm95lkphXlpOJji90mcWgJ6nPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 84997e481e7065e1-FRA
x-backend-server: aa-reachservice-group-europe-west1-pkcl
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 94ms
60ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84997e47bdd965e1-FRA
content-length: 24
content-type: text/plain
date: Mon, 22 Jan 2024 17:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niO4QxMtjfbBcLYt4H%2FyXiNrNvdrjVMS4Fn9nQnov07DJj%2BRCWs8uTpQRLwnDNeM3V2JzCKrpenDQDjs44ZfgXTulZ%2FlP%2BV1RBWp0QLe7aatR9hfTdQpZo43dnq4B1uQWOS%2BPAI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-pkcl

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 345D 17 KB
6 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 lx_970x250_default.js Show response
s0.2mdn.net/creatives/assets/4672102/ Frame C8F3 113 KB
65 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4672102/lx_970x250_default.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4672102/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ece7b7919103193fd713f49c65147a7284af4523cd0e8a6333c8c5be3fa3f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:19:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66816
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 14:09:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 17:34:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D5B6 0
19 B 96ms
96ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFx8a56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEyAFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEmHTmMmoMxXsEe9_UrDK4zoJzHi17VMz5FsnMlAmSuAg_Vicpjj5oAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMDgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=4wFAebj_C_A&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_ubUe4KGUfchSZp2FPHP6m6CvooUpVC_wPtRN9OJsgudEALxwGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046725&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294638&bpp=155&bdt=140&idt=351&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C44809531%2C31080505%2C95321958%2C95320869%2C95321626%2C95322163&oid=2&pvsid=2447506523472180&tmod=8997992&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.h682mv4gzvku&fsb=1&dtd=357
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D5B6 0
39 B 64ms
63ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j87kcc15pb0cxfg3gkc0ty09njyzfng0e18ak1xk8mmkqv28wzn953vkn8nysp4eem451v64nye3rj8hkrnk6brzz4k96awt3r711zv9ax1vcrkmcnpjcvbf5gpx4102rc8mhfe2ndksb6wqmz9khz8br3a3ffdyks263jzam9nppxyzdtkkhw9s2pqvqe47bx8f713ej5b1hy9f2nv5cjddhtnq4j4fzsge6fewen533fw21tapk3rgttjzcp74a6vy2rj7dag4jhyf5mg7mm2yp8ak83k9wp7jv5wtzfrjhzbznxkn56t5698t9k027aeh8f28trv2egp7fgd7eqtaqdxttaj9wedej135ardp2f9yvf2jr5rrcqdj38b9eqvhcqkmcf6ye8&b=Za6k5wABsTYGdgDaAAbQrWVbwBfHLDh9WFXxWA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046725&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294638&bpp=155&bdt=140&idt=351&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C44809531%2C31080505%2C95321958%2C95320869%2C95321626%2C95322163&oid=2&pvsid=2447506523472180&tmod=8997992&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.h682mv4gzvku&fsb=1&dtd=357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame D132 2 KB
1 KB 41ms
40ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2080149
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 84997e47bf353a8e-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPOQYiWzoVvBL8%2BhvMIwqJfOoWGC6q8cHyeDjsJtFG2v3yAJn3Kh97d99EC4e7IOr68tNOYHeiaD2d5UmKxRJ1bSsHpJ69au60sEiboFN3L4Hou3eVP9A1fevMR60X8m8etIeHQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1DC7 17 KB
6 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C8F3 17 KB
6 KB 124ms
124ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F10 0
0 90ms
90ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstv91kIBDf93A-50H_Tj7kPc3Usnz2Cb9CVjdHTcjVdRFCY38Gy5VBszlrOjCzqt5Y9J2rlb8T40teIy8AOgR_wkh0vZJvgg70-AVxNGWAqbqCgp-H7NPTzpjFGeLxXkxS3bqPXAtEqZ6saO27temLU3COGio-YDtB0Iovm-UiLlvI8kXG2u3_1tb3m1CvS8kiSAgJScf8yEQPUkQxu0oppnwvrt7uvYWCK5kCwQ8EKHbNg__3dURlo8EGtBHw7KyW5DqzbBRAq6a86UTJY-7_PneqNUP3SMclqB0BlON92rsou4_0zKc0OTBDUgLKjYar_oWug4mmqXsyAR3O86DAsCEsxQzViZIRMoroxqHpYbgEh6f2eWh_kJdZYlMIY8BtgIJX-8R65l4XCMPrb5A&sai=AMfl-YSRfhh9BaG4-HPtvooSVWDHddAaR4TNaYAkUZirCKhBFVqkqSQC1v6bV2_4c73G1U86fUPfKuTQsqXEx-M&sig=Cg0ArKJSzMByK8hHnz54EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3F10 16 KB
12 KB 103ms
103ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

933d9985002878b2cb83a602907207484151629455a23934ecc7c963cd36c3cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12185
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3397 0
19 B 95ms
95ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC_Kv56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEyQFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCncYIc5kQrlvM1zLvR-65ryvi_5d0kpI5cAqhcKzNuRbNyO9409hGABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=LX3jGp2GIFU&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_jX0W6CFybJ4vOVqEfwGBgzoE_IUvv502vtfZ5K3Y3cPo5fogGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 3397 0
39 B 66ms
66ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kf0vbj0cbz4de1hvptgcgk2ctt6ekcea6td07dkj6kebkxdsnvv7vvt1s86wvjsrevd7b7ptvw92spmk0772ad3ctevzprtm8d9g5xkdvpq3pj1s7jh66m1y9m8gz93dm31dv8w8asaxatwcs82dvjc4wtwd1sg1btvxwbtwfhsj9kkfzhq3vw2e3m905mjvteqh1nzjjsksrg01z6w0pavnjxg64nvbmn4sw321sya2qz30vce39s9gprdvcks77gca83kwy22rtf1y6saww8nxeb4dxax670qr0913jb2k20c809yz3249b97nqzjewm0nrqre8ez0c5ndrnyky1gxs1ba6e53ab5mfvkvyvdf9k9qzj6tqfz44rrckdztq6be48nd27k4x8&b=Za6k5wACLEQGdhSKAAG2Z89vd6p_WwVBdhlIxQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944294535&bpp=221&bdt=162&idt=489&shv=r20240118&mjsv=m202401170101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2623970267&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759875%2C44759926%2C44759837%2C31080442%2C44795922%2C31080557%2C95320377%2C95320890%2C95321627%2C95321862%2C95322162%2C31080557&oid=2&pvsid=1046948045195996&tmod=1940145891&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.b564jzrks8l4&fsb=1&dtd=495
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 8146 2 KB
1 KB 40ms
40ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2080149
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 84997e47ef733a8e-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyWSLSZiicsU%2FVgcnbUv9oXbgf2M1zOUnueo5cg6mKoc9GlY4C2lHpD%2BvdeasFJaDu9Jq96zjrKqkThikf19fV8vpP5WLcIoUh%2BKcJPwzkaFAkbfIvgv4otS%2B8p8zXeuFo116m0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame B879 1 KB
1 KB 58ms
58ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ad8f1977f03578b7a5822a6b9aea59d9a5c136dfb57ea1f6f720afbcb0b513e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGe0RF%2F2mFCLgGNlR6313NTTHTdFRtr2lkSln90a4hvKPWThBZJsZPbsIzZFAsGGRmtOT7MgSlN77SoGMUWx4Efl15Ajphy9wVvzkZV4ftDL5b966vokFsH5hlJnMa%2BCStge%2Fbw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 84997e486ee665e1-FRA
x-backend-server: aa-reachservice-group-europe-west1-pkcl
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 59ms
58ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84997e480e6565e1-FRA
content-length: 24
content-type: text/plain
date: Mon, 22 Jan 2024 17:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEOpN4%2FoxEzUT3I4Lg3VH0LUa2ZisOr0BO6r%2B1M7LGKjx6Br6OAQK10abPxEz7VHMmytl96hEgk1YQNRw4xv3qzzf9xETa895LVUfs5QOXaBS%2Fo5recyNFs3ugqVppH19RJeuww%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-pkcl

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 997D 13 KB
5 KB 56ms
56ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:09:47 GMT
expires: Tue, 21 Jan 2025 10:09:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 32BA 829 B
559 B 66ms
66ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ad77e5720212532738f16bf5d23e1303d984d0d14b396da32f00018e70ab91d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4fKIO17uwfWhCeVLsapSZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4fKIO17uwfWhCeVLsapSZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: Mon, 22 Jan 2024 17:24:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 55ms
55ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84997e483e9b65e1-FRA
content-length: 24
content-type: text/plain
date: Mon, 22 Jan 2024 17:24:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSDhkVYwlmT%2FMzqJQS4wXnVfkfZU5Fc07no12Y%2Bg04DJm6JJJ8zhJdBqBMX0s6diRZu%2FCC%2F%2FNSNSVJ%2FY7BGCX%2Fjw7ko5SH%2BROrijRaAwEO%2B2spOy%2BG4oeNdmnqiBYSh3XX1t0mo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-pkcl

POST
H3 200 rs Show response
ad4m.at/ Frame D3DA 1 KB
1 KB 64ms
64ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98472aca1751533477d796babf3f0280fa5535001795bba67124335dd0dc0d5b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRD71kf7N1ESLfemqjazw4fsAPIOrU36lZyRknEh%2F8vCrfR2400WaP%2BOBNvfHn1PU2vx%2BHsWzdjJ34dU9RG%2BNUERlqYNWHktUHBHmxZPX9FfJn%2B%2Fy3lvoXTRROLhu9ms%2BQ7jbHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 84997e488f2b65e1-FRA
x-backend-server: aa-reachservice-group-europe-west1-pkcl
alt-svc: h3=":443"; ma=86400

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F06 0
0 93ms
93ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuDKZUrQURIMXyPZs2eAW2seMf57jdWkzm1egSaWU1y8nnYA7HpTFTiiABrveqwo6rug86NZY6L16ZXMK4jI9AJD1KYDrjwtO2AlOOdzWuFLmf3-ExTLNFgdOrEtT3N40st9_0DY7uzReirOC45KTwp1MugKhM7nkmbmsmxe4NdElBRYezLrRTiRrx6WXE2DadRxlC_f2mE9mzE31sWI7yDYV2zCTRoAAyxsN1uWiRU9b4QXmL0G1ROStn2Wph9iYYo-pezDNthhYDiaJB5bP6-J4_rVJVk4qIM2tbGoYPjPGuksVRK0_5hS56OPqj0EW7OKbqV0phJhInpoTVYbP4dM_CiAovMgtyAlxIGK5maNajAlQaDixj6Fv9LFk_J3fPNbVvUnLMsrkatubtIQ&sai=AMfl-YSasElaCDpA-X2qxEaBQ8tITVNLCF2bsFaQKrrO-FPUQmZ4aLTHmWOCJoUEyVOnNqL7lLPx8u2XFrZeHjY&sig=Cg0ArKJSzA9vadA_e1R6EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3F06 16 KB
12 KB 100ms
100ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

381232d2c2abe63e0ab584724b576679821605344ee9e94b54269b09b3c39768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12194
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2504 11 KB
5 KB 55ms
55ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

576344e4303afb0331fc64176138c1e308271b5198032d20dccd114e7d81ad55

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jse48w4jcg4dfs1ehbt07883vwzr5b2n0mt0s50mrexkqz963tt5caj4frm5ey8dscknktyve08a8hbxpjwyw8kg2h1bxj2t4szqrf4fwq1rpmay1prsm2296v7y4f50rxqmjptpqxfc0c493ygdjy6rqqe4n61cm4r5pnh6zhmxw6pf3eqeyfw14e9pgjdbhx9kezp2pw07aaqvbm0tsmexrsh18c9ns5vp3bandpqxmbm3ea51ynyytz9g9w538bpd6nkefqg3dmn9r0dq7p159fwdc6m19zd83bkayd03vbstfsz9pfzekb134g5vak83rb2zdbpybspvam84n55yjp07sb5hqfhp3wvnetsxaqnhqrk5ha2n7vwzf7rm3r9hjvp31pyhtvch9vzgqhhdntny60pek9g9yq1tdpcf3mmvwcz9d82h9v2b3t0jtrn2922g4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84997e48784c3a8e-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 997D 39 KB
15 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 09:54:39 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F56A 0
0 90ms
90ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth-e8iPbKRgz7wVMA1EYDJbhhCggO8hrX-Yc7vd52z2KeU9vTxAmpeVe9JtW1YWw6F3c8L_tpV1It00Fva2-CO87dsusIeFwjz370PwQur_XhHq34yZu4Gel9fEHKrPGmaRftazIOOz1Dy7qGqAIW-1_viF0Vwi0RWV0SduKV7dU9FhrPD2EGJYN3pefbNQp7UFIXKvRK9e-aBM-vwGcEGph2p5PPNQEzgZC9KfiNX9dLBCn-99WaulR2jPXNevvnChSErQGU4ltOY06vvSB4I89s3odIgpPpnN72JIiKaoKSoq3z0wYocOExSAmTBu9fFVtXpE2EWZ_xUAsQ1pjuYCwLYSNzJnJnMsBx6v7DVMV9BD7opNabiu2pyycSPa6yHZtGk6okCiVkjJbnKaw&sai=AMfl-YSoLOOALuWkDe8TC_FGmv1u8wJwUhRm7l4HBiYtjMpGB65EQsDrOSLDRG_LW174m1uFdmIUXIxu4hpiPdQ&sig=Cg0ArKJSzGhCTnzZCwJMEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F56A 16 KB
12 KB 101ms
101ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41299fba41f71ca08502042a20505807e595df9bf997248f4f4e2cc5ecc1cfc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12108
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 32BA 0
0 202ms
201ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=3736950477463667&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F10 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FAF5 13 KB
5 KB 56ms
56ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:09:47 GMT
expires: Tue, 21 Jan 2025 10:09:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5756 829 B
561 B 65ms
65ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

79a4ee5fa6a15fbae55eea751a98c49c19bc62f20c2088918336cbcf6a21b178

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jh_4AG6G-h-fUPmYYnke3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jh_4AG6G-h-fUPmYYnke3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: Mon, 22 Jan 2024 17:24:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A95 39 KB
15 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 09:54:39 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame B282 3 KB
3 KB 52ms
51ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=300&d=50&e=&g=4236919d0fe064802313eda6aa248b3c%2F3756930811364068977&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295748&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzfsn4hex4gd46jr363bd6pn63dhmwkvj1ttqxnnt8g40h07tmgp1wj1xd77x1wb2qn4x4ptnjvztxwhkm1qg2t820xv5cxj48kh9gndsxevegeze0jdarg2gpqrcs1rea84ynffzd0vdnqe28gm9jpek5xcknxj76s6m8sep9knnksr84f6jk75cfqmw8c241na7ad56wfzhy0141ndt6x11bs2aed20jbtmkagy6vg48hjg4fh0zybdrtczdjbn275ys0e1f756fgy8k095je%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fb7ec6f047fb6fb6887ee3f4561e828c9cae980a040d85346d1805759756645

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kaqpxqa535va8f9h53e4x0s1zt11fh9c63xx99738mnqt3tt9abjezvjmr2eecbxwks80mqshs0gek6h4pztrqq97vacd6qw0s5812n8y2feacc1q56g0rkfg07svcb61hv9gf4qds5m5k4r2gknfvkgn0a7sas8zewt4d02yd31enet1qwgnn7hqwdxfna71fa9zb0wn2gyrbvbrhc9mp3q6vbrbxtdv0m5t7qnsbnypa79chqnkcwdg65jtdj89jr4n6w9ke1dxvq4cdesdebr2fegajy7t6v15yvheswjpccjpvy3hq5nwbhnhrbd27hq6rak95xsab9avh7y4gtm9vv8kp7saq7kx5rm1hbp3dbtfph3f2zvzc9s71gfykkrj6pw64q0c9p14c3q3n0csf5hjdpza92w4hgz6h7gcdekqkj31xzgby06sezbnqthm7m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84997e48c8bb3a8e-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 2504 115 KB
14 KB 43ms
43ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 728610
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpN0dTzqSwzEkDaFSry6yaW4%2BxHGY5kuIy%2FAAmIXNc50pQQYxJsQqIZPdp4Gk9MEWV81BlLSZTKQtllQai7d9ApXarCNsD1EJrdfL0NWQkSr7dAbxDueBoaJ6qs3CgKRPgmgjQ3GCgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84997e48c8c53a8e-FRA
expires: Tue, 23 Jan 2024 17:24:55 GMT

GET
H2 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 2504 8 KB
8 KB 59ms
50ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245789
cf-polished: qual=85, origFmt=jpeg, origSize=10446
alt-svc: h3=":443"; ma=86400
content-length: 7728
cf-bgj: imgq:85,h2pri
last-modified: Sat, 04 Nov 2023 16:41:23 GMT
server: cloudflare
etag: "bddcb815cd8abad672404f9cdec6f97c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WktKCHLJjw8uzbaAyPdmE%2B9nKktPZ30Ixf4M6htWE8hyzgfbvGKejX1gXfiIVnQumqN9YtO7KKQhhBaYypitz53jcC9Wvov6321llGmeASCzMWEwlvAwzP8KHGl0jgblZw9ox0TP4DJMEoSz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84997e48df803aa3-FRA

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 2504 11 KB
11 KB 89ms
79ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 243182
cf-polished: qual=85, origFmt=jpeg, origSize=13532
alt-svc: h3=":443"; ma=86400
content-length: 11268
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:13:51 GMT
server: cloudflare
etag: "d9fd29c7a268fd485230a60f0d2e0192"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww8TO9e6ZyETb0yZQPnB0nHr2zRa8Unfo0uZsnHhU3RlqTFrPooX7UNBH3IOPzbcHDa%2BVzRMy0CIDfj4llv3QYKorEmTsRu417FSJ1BRbZ4O%2Bxcy9E%2FYtkNMYiAKP9JSMW5Nt%2BxdWoRBVBbQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84997e48df7e3aa3-FRA

GET
H2 200 5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
assets.ad4m.at/logo/ Frame 2504 6 KB
6 KB 52ms
43ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/5BEA37F6D446D4C03B5B8A479BAA7B5322DEA7B4FA3695C41DD3E6D3E6347B5DE247A601FDF909E0717C08186D3BBFC9B7677AEC046BA8D01CF57DDA0A0AE7A5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 253582
cf-polished: origFmt=png, origSize=12441
alt-svc: h3=":443"; ma=86400
content-length: 5676
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:47:18 GMT
server: cloudflare
etag: "db74c4d3f2426619eeab7362f8f8e9a4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FziAQxmeAYM6WPWjJhlLI67Vz6plYWVeqoiTf9%2FQGp8vj3IQmgdPy5qsWnQ8UR74i1PFQrM5rhTORVhOKiHYS4btTHVArR%2B55bX5ecX1q9XfXsGeqt9knhzpbQkP%2FCLCpp3hTKGsV%2BPY%2FBl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84997e48df7d3aa3-FRA

GET
H2 200 9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
assets.ad4m.at/product_image/ Frame 2504 35 KB
36 KB 64ms
55ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9A6AB5B03987FD43FC0F4811D9BA44190BAE529CC9CDBC80A1EE8AEE414929F6AA6AD8AD382FDF20E7DF4F4A57A5523074CB0D4B7C5049C1CFA10DA8CFB941EF
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f121a336589baa8e4e36ff8e08c70847b57ad8545b693a2e4e96a0fbda38e42a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248546
cf-polished: qual=85, origFmt=jpeg, origSize=36074
alt-svc: h3=":443"; ma=86400
content-length: 36044
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Nov 2023 06:27:23 GMT
server: cloudflare
etag: "7850b9052be937f41ce82bc92c12f968"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTXtdNcIFNvIDJjj9QUatjh8hi2ugbOzZN4KYspP7vzExAYfEDdfubGtlhGmYZClHTuvA8W9zhfYKo6njpi3TND01S8cE8bcWSH7p8K1aYbu1l%2BfbdrnAkdjmIEIcYM5QbB91bm8%2FM%2BshACM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84997e48df7b3aa3-FRA

GET
H2 200 view
t.adcell.com/p/ Frame 2504 42 B
460 B 152ms
62ms Image
image/gif 2a02:cb40:200::242
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.adcell.com/p/view?promoId=164800&slotId=46690&pv=1&subId=oneid7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1joneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:cb40:200::242 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

Software

myracloud /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:55 GMT
strict-transport-security: max-age=15768000
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: myracloud
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 42
expires: Sat, 11 Jan 2003 12:59:00 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 2504 7 KB
7 KB 53ms
44ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 243908
cf-polished: qual=85, origFmt=jpeg, origSize=8714
alt-svc: h3=":443"; ma=86400
content-length: 6672
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 08:50:26 GMT
server: cloudflare
etag: "52953af169f970e1ac17ba40d8c26548"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BJz00yg6b9D0hevOn3eo1jkOcKroTmEyNswOAcjVg4HeILsQFYzBB4gezbuiavB%2F1HmbKkI8iG4LAqMj03hqvMuM6B%2B84vHR%2BXG78F%2Bu65%2FpoDnmswmttduOSLXi4XHuhKfTQTU859LnOW2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84997e48df793aa3-FRA

GET
H2 200 E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame 2504 25 KB
25 KB 57ms
48ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4093237
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 25413
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Dec 2023 08:24:17 GMT
server: cloudflare
etag: "7e811696e8763f5dce86bbb648013620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hcZ7zSZHHJzZ3FO46RA14GAh%2F0DV311R7OQZZG88QOvHElgi71EJHewXAg1QiQGb0TmG5AqkOwRfem9E9%2Bh41hKd3tAgV56wLkggESGBY9%2BOAHMzSnnp6r912Fl%2F4Uft8P0qdk%2BrMI4tI03"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84997e48df813aa3-FRA

GET
H2

200

ztpv.php
www.conrad.de/ Frame 2504
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1705944295_29280b41-b94b-11ee-9c4b-223173d2bc6e&insert=AW&&gdpr=0&gdpr_consent=

0
494 B

121ms
47ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1705944295_29280b41-b94b-11ee-9c4b-223173d2bc6e&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 84997e4a8bcd3492-WAW
content-length: 0
expires: -1

Redirect headers

Date: Mon, 22 Jan 2024 17:24:55 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1705944295_29280b41-b94b-11ee-9c4b-223173d2bc6e&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame BE32 3 KB
3 KB 52ms
52ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=19769&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=300&d=50&e=&g=faf03f9df1347a56236bd346e5b43724%2F6460212238187733943&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295775&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gandr6f7015qkty9h1zwtavr7tx4vrbh225c5m50f5zpnqyechf63cj7t45pg1sxdmxvaad7xg3j40ebe11pbg674a20xm3m6ks9vxh0r1v54r7cdhfy4dq9qh0d4xwqaa9ds2fptm6pmmwx5ahb3zrkrz614j2snjrtvvzegr6hjv6kawyxw3q2d9fr85zz67pm376hedsrtde7hpsqpekfvvmyqk6damv0tj6d1xc0yw7r4a9stww82wvscv2m8cf2fjdc5m50jyznadqw2vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35b4879e99e37de528d52106843e2fe7429d4f13a3e4897c6be11d167ee75d69

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gcgv3bbbq96xx9t4t1mbvg56cc3w5sq0whq40m6qh2d3j768c3tm42jsts20gqfct4jgmb21dzq5fdmjk1qabrmgt5a34mnk2qjbwe8mv043cma6mwctsnet50kxrx6negdbv2ca6x3dab5v3k745w0x5yj495d23cgt5g104xnk1bfqzpv73fa568nbzf94wcxdwn1gvc9zqdkwkjghs2qb5j0qypv3mwzwq15rp6xech8ha05dgkqxk5fd5h8q2237t74q38kyph3w623fcvz4fdbjgng3hpfg29egap659w3c01915690eaht4xt2xxrj7z9vf8xkwd8vhgb127dfhbs6qbxa8t1t2fxhf9wn0ny8r307qjj7ctjs48z9677ejvwwb6xx2ehp52fs363bp9rhnxj712mcxemq11yzecd37vdm42f47kyw3qfm8rnff66&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84997e48f8f73a8e-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame FAF5 39 KB
15 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 09:54:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5756 0
0 202ms
201ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=2422972194057826&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F06 17 KB
6 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C2B 13 KB
5 KB 56ms
56ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:09:47 GMT
expires: Tue, 21 Jan 2025 10:09:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 95B6 829 B
558 B 65ms
65ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb92aa26cc98e918f266d4ac25043175859c1cde5cd1a728b67d498a9525a5e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JuId9WnzI-aMgS62prmldA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-JuId9WnzI-aMgS62prmldA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: Mon, 22 Jan 2024 17:24:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B282 115 KB
14 KB 52ms
52ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=300&d=50&e=&g=4236919d0fe064802313eda6aa248b3c%2F3756930811364068977&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295748&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzfsn4hex4gd46jr363bd6pn63dhmwkvj1ttqxnnt8g40h07tmgp1wj1xd77x1wb2qn4x4ptnjvztxwhkm1qg2t820xv5cxj48kh9gndsxevegeze0jdarg2gpqrcs1rea84ynffzd0vdnqe28gm9jpek5xcknxj76s6m8sep9knnksr84f6jk75cfqmw8c241na7ad56wfzhy0141ndt6x11bs2aed20jbtmkagy6vg48hjg4fh0zybdrtczdjbn275ys0e1f756fgy8k095je%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=300&d=50&e=&g=4236919d0fe064802313eda6aa248b3c%2F3756930811364068977&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295748&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzfsn4hex4gd46jr363bd6pn63dhmwkvj1ttqxnnt8g40h07tmgp1wj1xd77x1wb2qn4x4ptnjvztxwhkm1qg2t820xv5cxj48kh9gndsxevegeze0jdarg2gpqrcs1rea84ynffzd0vdnqe28gm9jpek5xcknxj76s6m8sep9knnksr84f6jk75cfqmw8c241na7ad56wfzhy0141ndt6x11bs2aed20jbtmkagy6vg48hjg4fh0zybdrtczdjbn275ys0e1f756fgy8k095je%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 728610
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EER0ie4t9JyipfoI2WQvQ2iU4oyEWFdJicNtnsmUk18yw11qSw%2FzfhDNUBArHfai5hB2mJNsCe1zievIX1OHT%2BjQyYuLwK5Ix7G1j4b%2B3CR7vF%2BHcXvHsAxeV7SJIwfPE0ee68AWi8E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84997e4939343a8e-FRA
expires: Tue, 23 Jan 2024 17:24:55 GMT

GET
H3 200 CE6834AD498963D86DCF81CEFC3C8B2F207262F71B4D750782ACC1A1406885822D68122DFB2A560E5E701C233F87E8D5DDF70708DEEF423D7ACE0B4A3456D62C
assets.ad4m.at/logo/ Frame B282 19 KB
20 KB 71ms
70ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE6834AD498963D86DCF81CEFC3C8B2F207262F71B4D750782ACC1A1406885822D68122DFB2A560E5E701C233F87E8D5DDF70708DEEF423D7ACE0B4A3456D62C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=300&d=50&e=&g=4236919d0fe064802313eda6aa248b3c%2F3756930811364068977&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295748&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzfsn4hex4gd46jr363bd6pn63dhmwkvj1ttqxnnt8g40h07tmgp1wj1xd77x1wb2qn4x4ptnjvztxwhkm1qg2t820xv5cxj48kh9gndsxevegeze0jdarg2gpqrcs1rea84ynffzd0vdnqe28gm9jpek5xcknxj76s6m8sep9knnksr84f6jk75cfqmw8c241na7ad56wfzhy0141ndt6x11bs2aed20jbtmkagy6vg48hjg4fh0zybdrtczdjbn275ys0e1f756fgy8k095je%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0608f1a7ef6606a2cfffc069a4dbfac115530a028c34f41fdee74025a8e041ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 330276
cf-polished: origFmt=png, origSize=22787
alt-svc: h3=":443"; ma=86400
content-length: 19466
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 22:10:05 GMT
server: cloudflare
etag: "4b9704be0737f6ef5c79d5399f862263"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRf4VF4tcAAk2os1tKWvnkgHt73bnHeA3VULOZ%2FOmiGMNRurRRNLNWS67ibdqfd3GqzPH%2F1u2WCIN1vfdK1BcrxL8zy%2FL0JzKOGE6Wi2W51LEyStzAs%2FcsPuQ8tMN639cwAUpi5jh0ukqJKo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84997e4939383a8e-FRA

GET
H3 200 4B927AAF30F443F7A88AA5F69050293EE8D5C60E263C40829E029C16040D20F6AE81092D665019CBC0DD839F6AFB90D93F94F73A47C1002601D444B61B1C7967
assets.ad4m.at/ Frame B282 36 KB
37 KB 42ms
42ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/4B927AAF30F443F7A88AA5F69050293EE8D5C60E263C40829E029C16040D20F6AE81092D665019CBC0DD839F6AFB90D93F94F73A47C1002601D444B61B1C7967
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=300&d=50&e=&g=4236919d0fe064802313eda6aa248b3c%2F3756930811364068977&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295748&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzfsn4hex4gd46jr363bd6pn63dhmwkvj1ttqxnnt8g40h07tmgp1wj1xd77x1wb2qn4x4ptnjvztxwhkm1qg2t820xv5cxj48kh9gndsxevegeze0jdarg2gpqrcs1rea84ynffzd0vdnqe28gm9jpek5xcknxj76s6m8sep9knnksr84f6jk75cfqmw8c241na7ad56wfzhy0141ndt6x11bs2aed20jbtmkagy6vg48hjg4fh0zybdrtczdjbn275ys0e1f756fgy8k095je%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c6a31c295e712e8e9e0875189171f743c70a2da3d2b3f975ed577844698fc5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 958465
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 37180
cf-bgj: imgq:85,h2pri
last-modified: Thu, 11 Jan 2024 15:10:27 GMT
server: cloudflare
etag: "9e3ea7345b998abf34ffc42fd4d7f7df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BMCmoQ%2FtCgVYACj3lmyU7IYpoapSI5BBUQfPDURlSy89ryh8dEnY1GaJk6Pnyueex3IJMriZtxi9%2BnBJyO9e8%2B4wXAToDcvjrvl1vzFqtRLp3xlJJ13u8BIMkWsl8oD7e%2FiSSM4dqdGjosjc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84997e49393b3a8e-FRA

GET
H/1.1 200
OK af4ff75e9ff0f691fd8dd53e639ddaad Show response
netzwerk.uppr.de/trck/epv/ Frame B282 542 B
1 KB 324ms
231ms Script
application/javascript 147.135.143.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://netzwerk.uppr.de/trck/epv/af4ff75e9ff0f691fd8dd53e639ddaad?subid=oneid13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7droneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=300&d=50&e=&g=4236919d0fe064802313eda6aa248b3c%2F3756930811364068977&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295748&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzfsn4hex4gd46jr363bd6pn63dhmwkvj1ttqxnnt8g40h07tmgp1wj1xd77x1wb2qn4x4ptnjvztxwhkm1qg2t820xv5cxj48kh9gndsxevegeze0jdarg2gpqrcs1rea84ynffzd0vdnqe28gm9jpek5xcknxj76s6m8sep9knnksr84f6jk75cfqmw8c241na7ad56wfzhy0141ndt6x11bs2aed20jbtmkagy6vg48hjg4fh0zybdrtczdjbn275ys0e1f756fgy8k095je%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.135.143.66 Montpellier, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: ae06558e4b4f72de2a6008cb633ba3952e1a6ab05ede21c70b5bac8be060f130

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
attribution-reporting-register-source: {"source_event_id":"12200505250107494","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
x-iplb-request-id: C120F8E1:B612_93878F42:01BB_65AEA4E7_17C717C:4AE3
x-iplb-instance: 54193
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-https-header: 1
content-length: 542

GET
H2 200 link.html Show response
track.webgains.com/ Frame 2504 2 KB
2 KB 194ms
77ms Script
text/html 13.42.201.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hkkqsr4v1d1pyj2hpmpj74xa3azzbf74qmgz5eba7emjgk9se3tmzdrcpss7r6ja23mnpzs7rz9me2asxgkxf8gna2t6yhryz5gb7eeahe25xz3zdm2ga7fkt701e0znye9yfkxkz5jjjyvy4mzp31sefdj9e3c6v1p9x7mzxay575stf81cwvh6ks1z7p6bj6xpms1d14zyvh3nhwwbygjnjqe2thrahy6kzh0vcsacmx5sxe6xnyd9f0qz3vzx0msc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.201.144 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-201-144.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 01dac0a23f1ab1677d48fad923d2ba0cc16a00bb251f7cbd81fdc96be1a5dd41

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
last-modified: Mon, 22 Jan 2024 17:24:55 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 22 Jan 2024 17:25:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F56A 17 KB
6 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:24:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 997D 0
10 B 56ms
56ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?arjkGg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame BE32 115 KB
14 KB 46ms
46ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=300&d=50&e=&g=faf03f9df1347a56236bd346e5b43724%2F6460212238187733943&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295775&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gandr6f7015qkty9h1zwtavr7tx4vrbh225c5m50f5zpnqyechf63cj7t45pg1sxdmxvaad7xg3j40ebe11pbg674a20xm3m6ks9vxh0r1v54r7cdhfy4dq9qh0d4xwqaa9ds2fptm6pmmwx5ahb3zrkrz614j2snjrtvvzegr6hjv6kawyxw3q2d9fr85zz67pm376hedsrtde7hpsqpekfvvmyqk6damv0tj6d1xc0yw7r4a9stww82wvscv2m8cf2fjdc5m50jyznadqw2vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=19769&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=300&d=50&e=&g=faf03f9df1347a56236bd346e5b43724%2F6460212238187733943&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295775&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gandr6f7015qkty9h1zwtavr7tx4vrbh225c5m50f5zpnqyechf63cj7t45pg1sxdmxvaad7xg3j40ebe11pbg674a20xm3m6ks9vxh0r1v54r7cdhfy4dq9qh0d4xwqaa9ds2fptm6pmmwx5ahb3zrkrz614j2snjrtvvzegr6hjv6kawyxw3q2d9fr85zz67pm376hedsrtde7hpsqpekfvvmyqk6damv0tj6d1xc0yw7r4a9stww82wvscv2m8cf2fjdc5m50jyznadqw2vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 728610
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwZrtSdMA8Gojcjoqdq1y8h0lc1HmSvNx0Lr02ebasXV6RuxVxpGt8Sl%2BV9aBRfJ%2Bf44BCfYdpJzgj7b%2FX2bfYFhJVwOis7RtaSClO0Sndh7R2xoc%2BcU9wSL52STUoxIEvMHd0Vr1oo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 84997e4959633a8e-FRA
expires: Tue, 23 Jan 2024 17:24:55 GMT

GET
H3 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame BE32 4 KB
5 KB 73ms
72ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=300&d=50&e=&g=faf03f9df1347a56236bd346e5b43724%2F6460212238187733943&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295775&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gandr6f7015qkty9h1zwtavr7tx4vrbh225c5m50f5zpnqyechf63cj7t45pg1sxdmxvaad7xg3j40ebe11pbg674a20xm3m6ks9vxh0r1v54r7cdhfy4dq9qh0d4xwqaa9ds2fptm6pmmwx5ahb3zrkrz614j2snjrtvvzegr6hjv6kawyxw3q2d9fr85zz67pm376hedsrtde7hpsqpekfvvmyqk6damv0tj6d1xc0yw7r4a9stww82wvscv2m8cf2fjdc5m50jyznadqw2vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 246757
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWoXc%2F4WLUp5kbX1pB0heNTy4fh7aO98Q6CVyl%2Bft41AAuVu6Z2XEBELGkGNWw6YDWbiddT%2B8y9CfPOAwX4aWnZsDYLkZtFsUBiPGA55S6x2vYkPmOpRmA0LDtRBtylx4e2qvK%2BE45HL%2BFIx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84997e4959663a8e-FRA

GET
H3 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame BE32 15 KB
16 KB 73ms
73ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=300&d=50&e=&g=faf03f9df1347a56236bd346e5b43724%2F6460212238187733943&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295775&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gandr6f7015qkty9h1zwtavr7tx4vrbh225c5m50f5zpnqyechf63cj7t45pg1sxdmxvaad7xg3j40ebe11pbg674a20xm3m6ks9vxh0r1v54r7cdhfy4dq9qh0d4xwqaa9ds2fptm6pmmwx5ahb3zrkrz614j2snjrtvvzegr6hjv6kawyxw3q2d9fr85zz67pm376hedsrtde7hpsqpekfvvmyqk6damv0tj6d1xc0yw7r4a9stww82wvscv2m8cf2fjdc5m50jyznadqw2vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6348091
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vymSpujwNZASQU4O%2F5%2FsVJL%2Bj5UF78HHdVpWRpjLHslr93Zks6nP8nevd8o%2FUzzWL%2BviiEiNrXn0jlLuLYJj%2BIJhkgBXMAcu9J7V248UiBl7BpvBOByFtSstrM8lj3iPFwU8AdmguiXcxvyx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 84997e4959673a8e-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame BE32 43 B
705 B 233ms
162ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6Aoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769&b=8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=ZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=300&d=50&e=&g=faf03f9df1347a56236bd346e5b43724%2F6460212238187733943&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295775&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gandr6f7015qkty9h1zwtavr7tx4vrbh225c5m50f5zpnqyechf63cj7t45pg1sxdmxvaad7xg3j40ebe11pbg674a20xm3m6ks9vxh0r1v54r7cdhfy4dq9qh0d4xwqaa9ds2fptm6pmmwx5ahb3zrkrz614j2snjrtvvzegr6hjv6kawyxw3q2d9fr85zz67pm376hedsrtde7hpsqpekfvvmyqk6damv0tj6d1xc0yw7r4a9stww82wvscv2m8cf2fjdc5m50jyznadqw2vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC4C--56SuZcTYCIqp2OMP5-yGwA2Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQI2xPCRH0eyPqgDAcgDAqoEzAFP0K-1bRdqEeypw1Hr8pUUUpf_ZUzytCf8WIlpqUbKM5aMPiK7P5kPSAYjP0LGDMcfHIdg6xFccBHQKVZmxQgGRpJA4Nek6G2cJ74AlkfQK9gBpK50yLiM2licb3E86OAX1Ll6l2yq0P7dQwqE0QfUPad-irkA-HsMWeiKiKIcYph0sgdpXLU6vyjpfPsm1R_b6fdoTi-XiEKiIVi0-W25KfCnM4A9dJPSEbP9S_NHIef5OMGr73AuipaBgmoVucv6W59q7gKrttn6Kh-ABrfQqsvZtM-hTaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlicjdvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2C-Nr0Vd5Yz_vszOA0FfYDSnOX4w%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 17:24:56 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 95B6 0
0 202ms
202ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=798554487245127&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C2B 39 KB
15 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 09:54:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 00AC 13 KB
5 KB 57ms
56ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:09:47 GMT
expires: Tue, 21 Jan 2025 10:09:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 91F5 829 B
561 B 65ms
65ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ccc894d9f9c7fc37246fa2358b042bfeaef3258473dab8c2db90c6d06d5b59b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3rB07Lz6UpD4bk-WcEnf2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3rB07Lz6UpD4bk-WcEnf2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: Mon, 22 Jan 2024 17:24:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FAF5 0
10 B 56ms
56ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5jgaaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E15A 13 KB
5 KB 56ms
56ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:09:47 GMT
expires: Tue, 21 Jan 2025 10:09:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 881A 829 B
561 B 67ms
66ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05dc26f26011ab1dd2368169f3ceb19fb834eafdb3b69a31c4007571e6b7e544

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4-YiOG7ERkv9AkLbff9p3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4-YiOG7ERkv9AkLbff9p3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:55 GMT
expires: Mon, 22 Jan 2024 17:24:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 XassetngTNm1bf.png
ads.w55c.net/t/d/ Frame 3965 66 KB
67 KB 34ms
33ms Image
image/png 2600:9000:2491:4e00:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetngTNm1bf.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=RUJDMEJCRjA3Mjg2NTM3NTVBNjU5QTkzM0I2MEU2NDV8R0YxVmRNcm01Y3wxNzA1OTQ0Mjk1NzY2fDF8WG1KVFAyNDVlMHxYUjlNS0pFbFcwfDM0NjkwODc2M19FWHwyNTYyNHx8fHwuMFB8VVNE&ei=GOOGLE&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMSMwLjQxMzUyMjg0fElBQjE5IzAuMTYyOTAzNTV8SUFCMTktMTcjMC4xNjI5MDM1NXxJQUI5LTI4IzAuMTYyOTAzNTV8SUFCMS01IzAuMTYyOTAzNTV8SUFCOSMwLjE2MjkwMzU1&ci=Xm5m1vekkx&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fwww.xgcartoon.com&ts=1705944295768&c=DE&r=G-BE&epid=R0wxMDA5Ng&mi=d2Vi&wp_exchange=NWP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4e00:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4e0a8238ea0b4d0caaef64f7f9d3b45ce79d90ec3a6b4210ee26ef9f7527ba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: gHnmJOBGnqj4hbZkMc6ipiPNnxoVP9GN
date: Mon, 22 Jan 2024 07:42:33 GMT
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 34943
x-amz-server-side-encryption: AES256
x-amz-meta-width: 728
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 67964
x-amz-meta-height: 90
content-length: 67964
last-modified: Mon, 08 Jan 2024 17:27:02 GMT
server: AmazonS3
etag: "2daaadc6c0bafcfcb8426c32186ec4d4"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: zE4S6iYbod9GfthYRYyn7eZCKVKcwjqjJ8wQq2a4h0ESRSzy473P0Q==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame 3965 95 B
929 B 61ms
60ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=8481249440094351
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , Spain, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 17:24:56 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=999
Expires: Thu, 19 Jan 2034 17:24:56 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame 3965 5 KB
2 KB 36ms
35ms Script
application/javascript 2600:9000:25a2:a800:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=728&h=90&zindex=0&ci=Xm5m1vekkx&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0wxMDA5Ng&fiu=WG1KVFAyNDVlMA&s=https%3A%2F%2Fwww.xgcartoon.com&ciu=XR9MKJElW0&btid=RUJDMEJCRjA3Mjg2NTM3NTVBNjU5QTkzM0I2MEU2NDV8R0YxVmRNcm01Y3wxNzA1OTQ0Mjk1NzY2fDF8WG1KVFAyNDVlMHxYUjlNS0pFbFcwfDM0NjkwODc2M19FWHwyNTYyNHx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=xgcartoon.com&cip=1&uidu=CAESEBtxA-D3p6bdgLIhzXDeN3s&spidu=GOOGLE&pidu=10096&hmpvu=9b30ae23-5986-4fbb-b131-e87b816f51db&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XR9MKJElW0&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25a2:a800:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: br
via: 1.1 179ba4c3ce59451c080c2ed7517bcb96.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 07:01:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: ZRH55-P1
age: 382982
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: 54PqLHNRzss-GQ8sQK5Aoi4QK4FWGyJuj76xwOBa8T0mPO-99LJRzg==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3965 3 KB
1 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 10:08:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Feb 2024 10:08:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 3965 20 KB
8 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:28:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:28:59 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3965 0
0 63ms
63ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFBug0yrlkBiyAqNV9CP2_vURcXfzntHf8WNAFwfZshEsaexmSO0wqnkoTZKKEHDx-UfJ5KRLTlItLnxttK7BKPxM8bA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3965 206 KB
65 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 17:24:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 91F5 0
0 202ms
202ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=2447506523472180&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 00AC 39 KB
15 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 09:54:39 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9C2B 0
10 B 56ms
55ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ak3uDg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame E15A 39 KB
15 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 09:54:39 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 646E 1 KB
649 B 57ms
56ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 23 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 881A 0
0 202ms
202ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=1046948045195996&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 2504 54 KB
19 KB 133ms
37ms Script
application/javascript 13.224.103.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&wgprogramid=286305&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hkkqsr4v1d1pyj2hpmpj74xa3azzbf74qmgz5eba7emjgk9se3tmzdrcpss7r6ja23mnpzs7rz9me2asxgkxf8gna2t6yhryz5gb7eeahe25xz3zdm2ga7fkt701e0znye9yfkxkz5jjjyvy4mzp31sefdj9e3c6v1p9x7mzxay575stf81cwvh6ks1z7p6bj6xpms1d14zyvh3nhwwbygjnjqe2thrahy6kzh0vcsacmx5sxe6xnyd9f0qz3vzx0msc%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%252526client%25253Dca-pub-5884294479391638%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-78.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:23:26 GMT
content-encoding: gzip
via: 1.1 03b8fedec120c9a0833a57a86eae03ae.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:01:13 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
age: 43291
x-amz-server-side-encryption: AES256
etag: W/"1885e2f5560c2347761a6db4984ea717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: jaDK0gb6T7wlGXGrBp4uJaz11ci_GGQ6bz-GUJvVBA-ujCCjhsd1tQ==

GET
H2 200 1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 2504 15 KB
15 KB 128ms
38ms Image
image/png 18.165.183.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1705944596&Signature=k~UjCWfikVzTs6j0wHrSXlFko9xKAdUN3ocYWjitSH-kMitfxmcZM406dwiUHOrs4V7~c2e-IY1vSXGyori3JA4swLY~esvkbpa08P3PWYMm72Pohi0pqDAzjgXZ-7B0ChEsvCkP2H9M-vX3WfuCGE3vHPJe23DzE5ZWGWVs89LbSZJHnSXCHi2oMGLpUeQGOD4b7UxtkvXMFGJ7FXHV~4zN67ljYny2iAtfzuQTQI1Vuc-QKzcmfbwVPhDHSNTQDzdrdiTgCbvwa~Z7NBxmrK0x3-7WsCMK~uw9oXKtmxyFexPTHylRYubA~bb0FjjW45EVotpbGZAYHWRYfaw4nA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C765%2C537178&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2C7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1j%2CEjgSDfEfARG7szHAHjt4t4AQTKSVTYr3hBgQ5&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CEjgSDfEfgVhzHAHjt6Cq6daKSVTYr3hBgQ5%2CADYaYfqfbZr3UAHRH4tMCM7duRS4TRrAH3JMm&c=120&d=600&e=&g=13291a614db78136b0d985e7953fed26%2F17624810589492035411&i=71725%2C1676%2C21596&j=21%2C4%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295695&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfy24v0cnz41h3mrrw4xc666b59a35b91ss0fbbxtny7reqzkms7h663qrdhga9jphyw5261ne4e81bfktravk2getcr4w3krj9qcv3da2g7ca1dtn7xesz42jn2ky0fhx2n37tc9vjrqgcqv03zcefh80t14gq7tfc050ct79wrt733azwjc32qschnvxcfyk27aemej67vx98vjp1q10g4ha6f40atnaen36zcxq2k4thae0vxb8g4ndq5an6hqxe89dq1mz2f7s0aa21dnba%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCy3H95qSuZeaHNp7sn88P_vSL-AuQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEzAFP0FfU1Xh-RLhb93SFEgyWuRhk06kvnDHHQ5bHTne0qheFxAwPDwf6ouBhH8rHGG3XJFGelrZD8Vv8or3PbZ0g2Pvob40qa8hAnl9r7f_LIfTfuGPc1zw1u2O4WfI0XSMDqjrU_s8Mxe53yXobj3hDkyagqx-TCApuaG-05sHYS-0T8KoaXQ2b4L_9FXtkH3elcEYBd6syL-0rjbrMRCiDiwlBlo-vQPgBxEgnG9qq22gfQrObPgxt2aTf_TZzsNH38RQrklZI2JfLl4qABunliPTnivbzeaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliarMvdwfGDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Yz3mf4LaAWe-ukvWeiU62pyuBGA%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.183.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-183-89.zrh55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 22 Jan 2024 06:58:32 GMT
via: 1.1 6ea1443d3dc39c2be7c23883fb0bd3e0.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:41:35 GMT
server: AmazonS3
x-amz-cf-pop: ZRH55-P1
age: 37585
etag: "d4e8f970f24f6d19b53aa92b1907c1ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15054
x-amz-cf-id: MupAJhC2ABVQdMTCY1Y7cm393Ey0i2hH75aqlDaP51nqZK3kXZg84Q==

GET
DATA 200
OK truncated
/ Frame 3965 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24b7f24e696c2ce4e5a02661aa40c8ca837d4f40c5c4fd26cd788fea68719364

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3965 0
19 B 96ms
95ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP7lW56SuZcjQJ7en2OMP4OOIiAG6iLSPXJzX7u6pCMCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqAMByAMCqgTIAU_QtdXaUil4tIX4FYKeSQkUiBj8oQpmZzlkrAE7aL2ZmOJNfsJF7ArKBuvRkze65fbRS12q5BA79cU3Gu9_SVwTj39uV8bVyEGwaORNwCmgO9T2ZFiLSf5TB9R3jNbr55THmMlc64xQuCaQu5SJo9k8pGE7EwuMdy2ua8WgUQLuCzlRhBz_WPV8TcVT8nPPceWP8C1BtGW-asMYxK9uEhPfcuKtCUas7MbZ3-GTra1XG_HLJ7qFsjizUYVN-PuX9GawvGwMAkFvgAaG9JX58dK_-MEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNj--d3B8YMDgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU4ODQyOTQ0NzkzOTE2MzgYmdIh&sigh=voFvTY031xs&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_L-bOc1ENPOZNh59lumZ9UHRk0ZKGOBabH63FC4Mesf-zD_qtGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 22 Jan 2024 17:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200 a.gif
i.w55c.net/ Frame 3965 42 B
582 B 29ms
29ms Image
image/gif 3.76.149.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=RUJDMEJCRjA3Mjg2NTM3NTVBNjU5QTkzM0I2MEU2NDV8R0YxVmRNcm01Y3wxNzA1OTQ0Mjk1NzY2fDF8WG1KVFAyNDVlMHxYUjlNS0pFbFcwfDM0NjkwODc2M19FWHwyNTYyNHx8fHwuMFB8VVNE&ei=GOOGLE&wp_exchange=Za6k5wAJ6EgGdhO3AAIx4Kbwsszdoox_S2HVqw&ac=WFM2YVdYQTl2bjpYU2YwU29uZW43fDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMSMwLjQxMzUyMjg0fElBQjE5IzAuMTYyOTAzNTV8SUFCMTktMTcjMC4xNjI5MDM1NXxJQUI5LTI4IzAuMTYyOTAzNTV8SUFCMS01IzAuMTYyOTAzNTV8SUFCOSMwLjE2MjkwMzU1&ci=Xm5m1vekkx&fiu=WG1KVFAyNDVlMA&fid=XmJTP245e0&sd=xgcartoon.com&s=https%3A%2F%2Fwww.xgcartoon.com&ts=1705944295768&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-BE&rnd=8481249440094351&epid=R0wxMDA5Ng&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dm=MU0xd3l4WkxMdg&l=emh8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VCdHhBLUQzcDZiZGdMSWh6WERlTjNz&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=Av0V3PW6h8CUVRc-hrbcIA&buid=Xdb4DXiaK1Q&dv=MUxWSXJn&dip=0.0.0.0&az=europe-west1-b&hmdp=i.w55c.net/h.gif&hmtiu=9484611643830741015000&uidu=CAESEBtxA-D3p6bdgLIhzXDeN3s&spidu=GOOGLE&pidu=10096&hmpvu=9b30ae23-5986-4fbb-b131-e87b816f51db&hmtsu=3&odtu=2&mtfu=1&crdmu=728x90&cridu=XR9MKJElW0&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.76.149.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-76-149-124.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-799-g9c6cd74#rel-ec2-master i-05a941aeab12055fa@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 17:24:55 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-799-g9c6cd74#rel-ec2-master i-05a941aeab12055fa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 646E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKQTrt8oT-lvbn_uswhF0BA&google_cver=1&google_push=AXcoOmRlGelFocHjDxR2slFN9dcIVLNWF0kzwW6eMT8v7xHACyclyFLivCRLDEJhY31fAEPDFkv8fzW3E-Q0lH5pEOKST3LzDLuoNP...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAC58519139E48E396CCEA28229A73B9&google_push=AXcoOmRlGelFocHjDxR2slFN9dcIVLNWF0kzwW6eMT8v7xHACyclyFLivCRLDEJhY31fAEPDFkv8fzW3E-Q0lH5...

170 B
188 B

56ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAC58519139E48E396CCEA28229A73B9&google_push=AXcoOmRlGelFocHjDxR2slFN9dcIVLNWF0kzwW6eMT8v7xHACyclyFLivCRLDEJhY31fAEPDFkv8fzW3E-Q0lH5pEOKST3LzDLuoNPDn5yxI7aW2RZfCsk3H3cYgOro62AR1tWFaeyxoiNUTa4IwUCrjKP4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 17:24:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DAC58519139E48E396CCEA28229A73B9&google_push=AXcoOmRlGelFocHjDxR2slFN9dcIVLNWF0kzwW6eMT8v7xHACyclyFLivCRLDEJhY31fAEPDFkv8fzW3E-Q0lH5pEOKST3LzDLuoNPDn5yxI7aW2RZfCsk3H3cYgOro62AR1tWFaeyxoiNUTa4IwUCrjKP4
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 21 Jan 2024 17:24:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 646E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELTVjcqFzuf5vwMqRTT79ro&google_cver=1&google_push=AXcoOmQTa7jGw-uUYbp_0Yrnnz8nRo2_cs1AhY95osSVuSss3i6-nTk4Ds0cV846is0uQe6ovTK01YTrm_IQoTyhtl2sZ75...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQTa7jGw-uUYbp_0Yrnnz8nRo2_cs1AhY95osSVuSss3i6-nTk4Ds0cV846is0uQe6ovTK01YTrm_IQoTyhtl2sZ75clwvS9aDyyXlIz2BY_cuvSfgkZy42SWFUPVgLB...

170 B
188 B

56ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQTa7jGw-uUYbp_0Yrnnz8nRo2_cs1AhY95osSVuSss3i6-nTk4Ds0cV846is0uQe6ovTK01YTrm_IQoTyhtl2sZ75clwvS9aDyyXlIz2BY_cuvSfgkZy42SWFUPVgLBsvEk03ghTE_Ue8QPWcT8RH0&google_hm=eS1mMW9Ca2NSRTJwRXRFc2dYWHpRcG05cHA0Y2tBZ1NSMn5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 22 Jan 2024 17:24:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQTa7jGw-uUYbp_0Yrnnz8nRo2_cs1AhY95osSVuSss3i6-nTk4Ds0cV846is0uQe6ovTK01YTrm_IQoTyhtl2sZ75clwvS9aDyyXlIz2BY_cuvSfgkZy42SWFUPVgLBsvEk03ghTE_Ue8QPWcT8RH0&google_hm=eS1mMW9Ca2NSRTJwRXRFc2dYWHpRcG05cHA0Y2tBZ1NSMn5B
content-length: 0

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 646E 0
41 B 37ms
36ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFbxTzMURcFvCd6fsoXfmpk&google_cver=1&google_push=AXcoOmQ32XtMrrhB5XTZTPYXi4F-faklwCsJBHGOnIhNckFF7YqN3REooHiOvyIFjbEI8ZNG6y5H_aKAXGYNZKKAwJkeFYW73Qfl0Extut3snvRX7i6aZr8GX_zRDePu1EjsJ21MI2vHoqOOLvZiSiZaqckt
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 22 Jan 2024 17:24:56 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 646E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDTY1-5GUnoVZDbS3A9dCWE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDTY1-5GUnoVZDbS3A9dCWE&google_hm=Za6k5sWz-7988uYhe8qJJQAAFHsAAAAB&google_nid=index&google_push=AXcoOmTuF_Yo7HNsjITZ0JZniXMDiqwuc80nT...

170 B
188 B

56ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDTY1-5GUnoVZDbS3A9dCWE&google_hm=Za6k5sWz-7988uYhe8qJJQAAFHsAAAAB&google_nid=index&google_push=AXcoOmTuF_Yo7HNsjITZ0JZniXMDiqwuc80nTLJTf5HgPFGg3Sebq3GyWKw2IKIo3A7TqJSQKFls0zuZAMQAF-HgiFYy6WHm9cB8uaa2-zlybiZ8i3sKd-WtJ8WTuIPtxm_Uoi_b1bwRfKth_EPRcr3JSa5C

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=321dS3qCszjRb4U9pjSLZgHkwZEbgI89DQB12Nb%2BsvVVdoBG6XN%2BEbB8b7TxbgMO%2Bz5AjWyMqCj1rThdwaG5v1JnFLH8KMMlr9zvUBZVEA%2B60qDp2M892w8V%2F7wusCGaPmGnClsOtekNxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDTY1-5GUnoVZDbS3A9dCWE&google_hm=Za6k5sWz-7988uYhe8qJJQAAFHsAAAAB&google_nid=index&google_push=AXcoOmTuF_Yo7HNsjITZ0JZniXMDiqwuc80nTLJTf5HgPFGg3Sebq3GyWKw2IKIo3A7TqJSQKFls0zuZAMQAF-HgiFYy6WHm9cB8uaa2-zlybiZ8i3sKd-WtJ8WTuIPtxm_Uoi_b1bwRfKth_EPRcr3JSa5C
cache-control: no-cache
cf-ray: 84997e4acbd54480-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 646E 0
240 B 35ms
34ms Image
text/plain 2600:9000:2190:b800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL4t98437sMsdDUmj0VrZpU&google_cver=1&google_push=AXcoOmRnWMemu_3g1Ls56C3d1ST5iav7ksuePF2vMNdDsIkoJZqyhZHX7nEu9lEZGps2468L_9KjqdpEvJnbpCZOoM5TcY2_WwRiq4Y1VvK_q2U4TRrIEyLiC0J-pyPr97wsv4VvMdsBuihpdJaBhet9Lzez
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:b800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:55 GMT
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH50-C1
age: 1
x-cache: Hit from cloudfront
cache-control: no-cache, must-revalidate
x-amz-cf-id: m1WHRGaMsjdQzlNqme2s_BdEA7rkEsv0oEqr7tnyyl_g4aPx_63KBw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 646E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENFiA6_gd-RKskG1tI0uIDE&google_cver=1&google_push=AXcoOmQnYmiRieet_UW5g8_JKkwJO6ZJQSRmu70QOlCOelP-9CUP0YkxE4gyxWJPi0nc1cK9msl9rEzKcHzUzodvf980o41tPz...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQnYmiRieet_UW5g8_JKkwJO6ZJQSRmu70QOlCOelP-9CUP0YkxE4gyxWJPi0nc1cK9msl9rEzKcHzUzodvf980o41tPz1...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NTE0MjU0NDQ4OTE3MDMzODU1Mw%3D%3D&google_push=AXcoOmQnYmiRieet_UW5g8_JKkwJO6ZJQSRmu70QOlCOelP-9CUP0Ykx...

170 B
188 B

57ms
57ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NTE0MjU0NDQ4OTE3MDMzODU1Mw%3D%3D&google_push=AXcoOmQnYmiRieet_UW5g8_JKkwJO6ZJQSRmu70QOlCOelP-9CUP0YkxE4gyxWJPi0nc1cK9msl9rEzKcHzUzodvf980o41tPz1_sBq5VMY72m2AL3ywr2oPTkRP9b3nKgJpauqGuKQz3xgsYU36OMDNtzU

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NTE0MjU0NDQ4OTE3MDMzODU1Mw%3D%3D&google_push=AXcoOmQnYmiRieet_UW5g8_JKkwJO6ZJQSRmu70QOlCOelP-9CUP0YkxE4gyxWJPi0nc1cK9msl9rEzKcHzUzodvf980o41tPz1_sBq5VMY72m2AL3ywr2oPTkRP9b3nKgJpauqGuKQz3xgsYU36OMDNtzU
date: Mon, 22 Jan 2024 17:24:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
onetag-sys.com/match/ Frame 646E
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMe6B575U3VPEJOVjcPIfAM&google_cver=1&google_push=AXcoOmRSHvB9i1ElBJWFP0QlyyLNRjvwtzXrKnoGnAMju9Yn9Axx2M-Q5vRS8I_jkJQ2Q4TePKtDUmP1vcv...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRSHvB9i1ElBJWFP0QlyyLNRjvwtzXrKnoGnAMju9Yn9Axx2M-Q5vRS8I_jkJQ2Q4TePKtDUmP1vcvtr06Dy5ZZUDdC2SRllCcFMkfKpri_l35H6A7m...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

40ms
40ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 17:24:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 646E 0
12 B 54ms
54ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXqlS6awBv6m3Li8d1QDeZpo1WHNZiB5tWfyJDwaM7IyqAyUK2RuIaQWN918yt6iTLQCed8A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046724&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705944295163&bpp=150&bdt=98&idt=367&shv=r20240118&mjsv=m202401160101&ptt=5&saldr=sd&is_amp=1&correlator=3177&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1589409296&scr_x=-12245933&scr_y=-12245933&eid=95320239%2C44759876%2C44759927%2C95320376%2C95320869%2C95321627%2C95322163%2C31080557&oid=2&pvsid=3922862885230430&tmod=1233601255&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.qttsmmwwhph4&fsb=1&dtd=373

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 00AC 0
10 B 56ms
55ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JAsFFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E15A 0
10 B 56ms
55ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CjL9gQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F08B 0
0 90ms
90ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnA8_bcpWRaU85tI_hv6clatJ1LC5XAF8RJTsSCL8EmBT4gCSvd94Yf4Db_j0TQfm47mx43XrrxnnPdJJLr7pRRg-gZ9Ltghic60dDMpe0Il6bFAPWawjYLqQ0hp-IMNlm-xoXkA-1L9FaamD4qPLhhGvfKQsgM3xtn3bES40-JK5iSeHSYGaZ7yz9-leHqK8615684sDp-J6e_oIJ4CnbREY4bUEWHyPjDz_-gqNU2-1EWITTPlrHnp-RNViZhYWCdRlU0fQlEjekajPlto_b7aqp69ILshEIwVbqd4zHx39zGY9hsKQ93xHdTPv3MKfiv8uv671pe1hhtjE97T5mNRTRuUK9bbwpBY6k2pkAQ9m8Hd2nfNTYLrOI7Ksph06RXjQd2SLn6zOOavwCxB0&sai=AMfl-YQTxQQZS7Tx8G95QW21YDZcoVaTDgo0Gzwc_traov3G8hb2Z2fnvo0-BxSwwJotoObZ1eEB4dgDEFCB8m4&sig=Cg0ArKJSzEAJC8WhOXqwEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 17:24:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F08B 16 KB
12 KB 104ms
104ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

591c4f9292957b93ab9f9b251d99c1a3217d0ed4cb7d34a6be5b7b0619e547ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12148
x-xss-protection: 0

GET
H2 200 postview Show response
www.eprimo.de/ Frame 5367 334 B
462 B 101ms
29ms Document
text/html 18.196.137.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eprimo.de/postview?hp=8000001991&pvid=65aea4e8141e30d18a34f733&gdpr=0&gdpr_consent=&gdpr_pd=0

Requested by

Host: netzwerk.uppr.de
URL: https://netzwerk.uppr.de/trck/epv/af4ff75e9ff0f691fd8dd53e639ddaad?subid=oneid13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7droneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.196.137.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-137-47.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4803fb9ad425e3d59451441ac6a7c901a4392f78f7732f07aa2a5292503460bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 22 Jan 2024 17:24:56 GMT
etag: W/"65a4fd24-14e"
last-modified: Mon, 15 Jan 2024 09:38:44 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 88x31.png
ht.uppr.de/campaign_118_eprimo/20210714_Logos/ Frame B282 4 KB
4 KB 97ms
28ms Image
image/png 54.37.204.178
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ht.uppr.de/campaign_118_eprimo/20210714_Logos/88x31.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=12798&b=13mUbfKf2Ama9HdH9tAt2zmS2SKTGRWHx7dr&f=wAjudfjfZk3SEHRH2tEC4m9hzSATmrZTKJQ1&c=300&d=50&e=&g=4236919d0fe064802313eda6aa248b3c%2F3756930811364068977&i=20363&j=24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1705944295748&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hzfsn4hex4gd46jr363bd6pn63dhmwkvj1ttqxnnt8g40h07tmgp1wj1xd77x1wb2qn4x4ptnjvztxwhkm1qg2t820xv5cxj48kh9gndsxevegeze0jdarg2gpqrcs1rea84ynffzd0vdnqe28gm9jpek5xcknxj76s6m8sep9knnksr84f6jk75cfqmw8c241na7ad56wfzhy0141ndt6x11bs2aed20jbtmkagy6vg48hjg4fh0zybdrtczdjbn275ys0e1f756fgy8k095je%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC88op56SuZbbiBtqB2OMPraGbqASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQK0zQMzmEWyPqgDAcgDAqoEywFP0CLwbcVPhywP0kqjbdckMsufEgxLJUvhALU1EiAauMzhctzW9K2JcdMD9XgxPvQKpxa3rwogLSs1jUPny4TpILPGwzwmhGCqEIe4R29nXz-gd3RkxMgLJRkoNnuLkdb_lN9Eeci9kV6i9MeI7ePfSz55-pJ43AZr-v4m6JKC_PnyMWLH8gFDawgfK04njizOzKe2LDWqOwBtDBZ_BYqzXEnFTEK0dzXQ8I86tdwZYh4aHiXoer9i10zsXoDSYb-er-23rgejLo8NnYAGt9Cqy9m0z6FNoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WOX82N3B8YMD-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2rU2olbqdwuMKnBEpy3AxoiKz0Ug%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.37.204.178 , France, ASN16276 (OVH, FR),
Reverse DNS: 178.ip-54-37-204.eu
Software: nginx/1.24.0 /
Resource Hash: b5cbed9147f88e081848cdd63a0791004ad19c85d075033508db726df783c558

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
last-modified: Wed, 14 Jul 2021 10:35:04 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "60eebdd8-116b"
content-length: 4459
content-type: image/png

GET
DATA 200
OK truncated
/ Frame C8F3 25 KB
25 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3be09dc0c3a62f0a8397706bf1d6fc53d4dbcadf38863aaf6b87ceb0f1eb3d18

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C8F3 25 KB
25 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32ee695fc5354fb6448cbc5453ec1d15f01c7d5f74539da5f93126188b9fda22

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 MadeOfSwitzerland.svg Show response
s0.2mdn.net/creatives/assets/4669666/ Frame C8F3 9 KB
3 KB 58ms
57ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4669666/MadeOfSwitzerland.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4672102/lx_970x250_default.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33db53c59f86658a2a1c5a8515a4332b2837162b2ec8c13af379f32f122ea18b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:16:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2792
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 10:19:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 17:31:15 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4669666/ Frame C8F3 4 KB
2 KB 59ms
58ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4669666/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4672102/lx_970x250_default.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3117435f29e0de48ea6ed19bbe21500a39ac0901bb4962f6b65a938162f54b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:16:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1838
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:06:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 17:31:15 GMT

GET
H3 200 de_swiss_rgb.svg
s0.2mdn.net/creatives/assets/4669666/ Frame C8F3 2 KB
877 B 65ms
65ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4669666/de_swiss_rgb.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

354a25f44878b2935ae4bb47c8c285c749b3d439526c270e69a0404d01050399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 15:45:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 17:32:38 GMT

GET
H3 200 Abendstimmung_Offer_970x250.jpg
s0.2mdn.net/creatives/assets/4669663/ Frame C8F3 45 KB
45 KB 60ms
59ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4669663/Abendstimmung_Offer_970x250.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9871a28da9d6c14618c73949c5bf29f914e8ef6e0a122f23010fb49073240a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/3073907470465951617/index.html?e=69&leftOffset=0&topOffset=0&c=dkS7Cy6bQQ&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:13:37 GMT
x-content-type-options: nosniff
age: 679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45896
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 12:16:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 17:28:37 GMT

GET
H2 200 cookieFork.js Show response
www.eprimo.de/postview/ Frame 5367 9 KB
3 KB 30ms
30ms Script
application/javascript 18.196.137.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eprimo.de/postview/cookieFork.js

Requested by

Host: www.eprimo.de
URL: https://www.eprimo.de/postview?hp=8000001991&pvid=65aea4e8141e30d18a34f733&gdpr=0&gdpr_consent=&gdpr_pd=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.196.137.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-137-47.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

48c851642ddc61a2093c2445e17251c1b7465d979185267312ddc5b496828813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eprimo.de/postview?hp=8000001991&pvid=65aea4e8141e30d18a34f733&gdpr=0&gdpr_consent=&gdpr_pd=0
Origin: https://www.eprimo.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 15 Jan 2024 09:38:44 GMT
server: nginx
content-encoding: gzip
etag: W/"65a4fd24-24ea"
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F08B 17 KB
6 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 17:24:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 345D 0
0 208ms
208ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=3736950477463667&bg=!p6SlpOvNAAa8BdJLnAU7ADQBe5WfOLSc4SMa6v4Lo5Tdir85uJfvJocDE1VJDLCf8zVyRLzvxCeN2vbzfKJmZ5GD49dSAgAAAE1SAAAAAmgBB5kDDkMbcV96eYF8JWRNEmPMI9-v8h36BtV7YQgE1M-pd7-vBuRzEgDP6mjEGwiiiTRevAb9It3rGFYbk6250Q7fLxSbhF0elCKoABHmk3JGWP8vgEfaHu7aZdJ-SVUAFf9bRxLJH3zk5RQA0sEEqIKukWfhaVQVLwjhQBY9sl6XFaIGB_y7BB4YWSEzNt3nHxe7YFwbVpvh4vNXbsHIzmZdhKCzlafzTBTifnBA8vsG1w-sT8m9U7viWR7Jfr7rBLaBXB4oN2jVbJjV7ilHD-L2qznbHNpdRnv8zsN7-chJOKFdz1m0ZjkOr0TBbTDz-ip0J0WRMaudaNH4GNEQLfgBF6ZGYbexFoYOMbSjnHrydZLvhP6timZaUaWkJ-_KEHVnOMXPRFLzrz765nEa2RhJYVqetf6bhFwza_vi-7cpytl_KFz9agqVmnemWnN-0CkhxqHqDpOPBse7CDHXiqgwBL7M10iOTpH-kBAOsUHM6IHWixlariyFsSCj1fHhoPT-4V4FJAqf_0nsGiTPPtdKKJpJmKmagGba_OENV6IjSsX5Ct1hj7Uiz_pJyFhMIA8jLWK7uLcqNzBu4PZqltfEytLuFh6tdsziPdMXWh1pc_ntHJ04dHiC0vj_jK3acJ-mPXwUonrj6fH1HH_2zlchQtq2vm6MT9YcB-t_kK1tuoYSQOVVP_LJJvdy9maVQlJdE0m9KfwWw2nJpXWsesY7F-j3APArd0xfNu0ybLebpo5RKCnuNg3T_uAWDwZJMeSbbq4mXOdlnY7c75RXJ0Kj3Ht5np2JXugjhCa-QRCW2yPhIACqhaQni4ancfalFiwglaQS0KV4WDwtuHZFSlCrsqOjQRPds5tQH7Wuu9M7gamEThuAflAygJpjLDywNnBXfHCQSJB6Kl0xqVxsnjNzHXlvyQcno6Gfe5b-lRUVrhVqtlAW7HoRnLu-6xtZS1ct3X73AV0G9ZyhQLrA4UBgyo6NL2rWWa65zvbjWg3qGaOUrx64BpirDCqTaKGoP9GBwtL9r0M6fHgmds4mFw3N
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9A46 13 KB
5 KB 56ms
56ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26109
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 10:09:47 GMT
expires: Tue, 21 Jan 2025 10:09:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 94AA 829 B
562 B 66ms
66ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0f53617902a4994ee75b7cff7797fdbb76deadfa433fbd7c905279ff23c9ea43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OgdNk2X8w2kLOzViCFHYWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OgdNk2X8w2kLOzViCFHYWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 17:24:56 GMT
expires: Mon, 22 Jan 2024 17:24:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1DC7 0
0 208ms
208ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=2422972194057826&bg=!eXqlejXNAAa8BdJLnAU7ADQBe5WfOJz96dOvBlgZGGmM0bk1c2FwrxeTMlEtStHoHp_dCfanJPY5i1_s7ndqmp9wTx1bAgAAADNSAAAAAmgBB5kDB3QO6hDEKSuXHbEez53sZEVaEgRZg72BsD09QOn3-X7J0ScK55gebqwy9fYUVsLBpvfslxgdpEGZJOlApo7uvVdGcTornMD91HkbCFYzqlpFHDUcaclwmtpFo2Dqe36VoafTUrFuOHX3sWmROtskfHPx01LdHQ5oouzLhb9NHkjKKss2A-ZTPCOpKLzZ5mZbeQK8MVpi4gLi_2ncgRX4baeSmPCs0pnj0oAAoJXKlxcc0KSeBtbPqx3RPfdY28QPf7zmh0cxsW99LJQzlST1BiLHVpzn1x1YXwvWAHAdqw-0Vwse1b9fLq9ZqfvYOs_qz12YS79XKuR9mpRcrLIOy05a_cb8i5UMIVjHQy3BngPigncafEpa_YrirMj51TgyyxXKYTEL9hYD4YU4JaizQVg5Q1lxKn4gxdV_Umbu5yJMzGjuAZDbabkX5cDScelgOko9FJcZs8Ok6f2Ma7KWUTi6TfAfNecwEb7oomiRHNbHuaupEkkK0KC50jy5Rf8ZPB6BrOGeNz4ifz4lpTdIESQU02mqLLnOsuYymVEsaLc8h3_R43_HuPCRYwi3ggmS3GfPZ34IQS9_0zgY7VydUtxNSHl3gKvlOxbE8CRns5zKNkrkE-BkqNx1tkt_ZSDxUybLRm2HmW4guio4aVJhcXNwoFLTHU8My1NRuS1y-c2b3mcvKurdIQzI1ZmfPyRXR6hITVxeis9IWVCLVc0pLY31_0u7e1HAh7YwnVnNZqgIJ19HPe_g2Tq_Vf_183idYqnU6xAR5BryVygs891isGduel7iq8eQPrnUYtX-SOlO5MbbLx6J-0ElshRAR35aPvmOb5g3vf5p5MpUUGMVY_SMObJY8jl9rN1QSLOKM1W_qXr6uY9jSW60e8kdlJHqwj_jiiu0h5WjIpdz1FhbjrQnDX78_aq2UWFdM-Lnh_fOCsAGCLXzuOGG0qdxLMOtVJJIaPkyEXLBY3FqR-qVMaoL2rmmw4mLVUJXHyLwJDSjO4ZHCyCj_xDlDq9gDlCgO2CHXn9Yb4o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A46 39 KB
15 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 09:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jan 2025 09:54:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 94AA 0
0 201ms
201ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=3922862885230430&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3F10 0
0 208ms
208ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=798554487245127&bg=!Q0ClQA_NAAa8BdJLnAU7ADQBe5WfOMLCZTlYrY6E0_fPrnkwo8qW481I9B74iBVA1SipjeFW4-swJjSNU3_TTxTWzUR1AgAAADhSAAAAAWgBB5kDCpUhz3eU6shQXd1-nr4He03gkCzKEY0rNmv1AFAx4r3r0cFuF41a2w1ePn9nZX8_i0CuvciSx3CexK5gOfmN3PVyETDx1E5KKmaZusoUfef4hLRgy8U9fZp1SDG_j22HQXX3HgawBjq5qTuaPOzaBUuTdRhpA3SHwEJsFY8PLoiWFmHJYePgrrQLtXbSK5b-keJ-kryFR7hVudlhoDTrvtI3c4IMczPj_-ip8aMx6fd-5vibi9gqumI6nibYhddMJPFC3ym8sQ81cNvZEDKaXUffcbGFwYbhUYKF-JyusMoXNc3Vw7-F4UfHblOlJo9HAhwm1EWgjf14yAXhs0mebkk-VWjWojy_61MGHgQJBc1sBUHO6HJ3NOCMZPXi6w_7aPf6065kjvjYLTlaZMywJYl3ilFPNQi1vBnbfQnDAFrvHLEVp2w68B73AUb8n74MmrwT2zVcfz0WtsdIbsJPcIcb7Qez13kR8NUL2fSdop4renG50rcSksKchtMnrJi1KL-HBHoNkU0n1G9lt9wg7os7m4Bf1y93_2xlWbi73TajBnS5sYMzVc8SvKIVRDav65XesaPrZ9O6b7PEWnh-GoHmPWUM-qBmB2QQgNE9PI4sDVQVReRp--fBnVbZI-dsSQtUcn54QGBP5AIOO_6DQv_K3oKXK5hrpQd_67AhmjJGwJWZnLXKz-y2rvVE52z0MGYzzsW0vq97JI42uXplfKzoE_iA0aYPLoHKU9tdLv4Y8ZD7v9PZWkEzeyfZQ8V0erGIMQOQNqe_9e3M3CywIsNwio8nYIf_x6y7EcD_Nim4uxq32Qb1IPst-gG19knrxL5to94OmcHmLJHD7G1UFXGKxCH9bcEKSsmFedYrDBsA9Vt56bX7D4DbN9ofdTFxSbntfoTQsBvER-f-FBMYa9FHI8TL_ENpWVBt2zHFMTMKKt6v9xW1A9LQ_gX8cT1uVWMUL8AWXgEGHL82UdNMa-LziuV43u_JYRSKq2EM_lS8r1Qu5zy9fXJUUGS-95rNqprNG0rpMqsy0mY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9A46 0
10 B 56ms
55ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TJQcWg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3F06 0
0 208ms
208ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=2447506523472180&bg=!EBOlE1zNAAa8BdJLnAU7ADQBe5WfOKJSCdqdmORdzzr7GH1Jiu-7R3IsRyuQIPShhHZUkB7KWGuKCTNCc1g4HzhJjl5JAgAAAEZSAAAAAWgBB5kDGL9TwoMVwqc6kRHeXa3aO3_Rzea5YugmWNiE0Grd2Cqyob_X-fDxBKqKceELKI335RLuoLrRkbtNdlDLpdqmd0ewFGa_Ako7I9rAmPkuXeBZ__54WF7fPWGQ6LzAP02FLit7PhIZ9_8Hckwr6yl4ntEJ9qDXygTJ_kMwaANqJuyyG-nPLktaBsmHd07OzFRCqQeg-pCPbuYB1jkqzYkzgi56aoOH8GHYhhd6sUTPfiw582J1R-e9_2kKSbPbOLfk1-8OjFki2R79fGvmQK66Gs9urL9ZWyi90zuUlMK9WG3XoqF0nTT4HHKCY-2CHqBY7c0LAiV961m5rmhdv0QgVgBG0iz18fxs552UzIWNtxxm9GMmTYHvgjm3ZeZJPTqXa-nibjbUycsUWpP0W-mWV_TtDorgaKOHDdRfXwaOxkrPV7BWT7v26cLh25VuNzIiSjItiQwFat2cciHUMBSIK_usNZiAT5e5cr3R472EIxIBrka3aXmcHiyCt7sYgHXGGF2HqBdkeeotiRA0WFRyidcqHAA0MZ731XKn2URr3_X_gUPv0QZAOhCm8BeICqIVbd1WnELrEhZUq05YaXvkshEM10tzo9cuaX2nLHXJhbflEgUxedYKcA3HQmQywrt7JhPV0pMilFFY8XUhfq5AvugVrB8TPafDkS2YdQsDv5GI-gOh4XxcstLDg6d3Re3Mrjr2E1JUt0KmsdjaIzAvMoTKsptQQEhepyqAWzR7KYvhQ-wdSn49m5v_ezevAY4lLi_8OmjHDbVRSn9TsBb8xLS90DCdy7e0NG5jfNFJlGB1MnjNQ1YD_vYa4HWYb-RC2wmWy1A79Xul2uzIiXOpKAnvhfkjFLOcd8XavgQCp5-G7y_NHwnzG38cB4VPJqvGd5w_0VCPA-bCa7AhzpPTd0jF-RTvaFseB4Gw9qVBZYUxbDf2H6EGMTdVjoxA9jk2pweNJk7e6dGnyiKwZxrS7upYo1zeJtxHDbnyctBmqucjI3tOP0FVXHlYbIzS3m-l42X7IKOEb2WpzUscsfO9NNmsGRU0gCfnGg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F56A 0
0 209ms
208ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=1046948045195996&bg=!b2ylbCPNAAa8BdJLnAU7ADQBe5WfOAiUbM5_Bdm0wcF24uWKcKF3fOkLth7wEaGMGe-al9-jE6yzZSoO1sDAEjsHr6ooAgAAADFSAAAAAWgBBwoAed_EsRzpunN2jfR1gd848rBRNBpRrAYdY4UGUGi6RTajPZ82joysoral7woD6oW6K2MZ5OW_httceg5nfOHwdhsJBfIetXB8k3fGmbmHL9vMvgtVX_QwAmu_ltXe4uE-D8PmtvjCOnMGNvhOpLAsH8rbXUVDD4S6lmKZAw-MZ2wOxypivu43VnkdhAPCLKEkCGHLVgV6lWv_3Ovd9d6Nm90i168zccmWS4uzhzMqI7RUWbbcqRoT5_sHxZgNo872CevdTyI4AbicPPQtppvLKkkCP-JjsJr_xRNpOMD254emlbnsoKtWq98mpFJTkkMmYd_ahDQ8z3eR-ZCFmR3bcfegAL7BA7ji89u-gtgXDDcoVqJfTF_vPFvLXgLlTVFnsI-RyGDgZTDRWc_iIsPMuFn3tRZytuTro4RpHa0sH6R956EIE4vYvHGNs49wvTaWptZpsmD6_TYg5WCjw3W1raO5y8owgoYtig02jwBLYDI1L6cy5V8PxrYPuyR_LqARqARzMK-2VLPoHJo3_5hyELcegc3GojRKY2ccnUWDU3tJhq0MKCzAsDm7wDfJi1C4Alqfwd33YJTEbfmZM7-Yz81YRGe-TU5H9jWsY8zqeg-axHFeGOvYT0XKG63YCWbpq11ygnSAwAuSTlv3HJa_c1lYE1Az_ttaqpd7nN0GwnokczSgU2e9ciyAiqX8LEpD1BH0gIuWJV03Jyj2WP4d3VLzPyBZCGZJ9eFWy02Q9bo2kVHoLp71JSmp9HrgMzVdK823MMj1kHcGxX7kCLITirxqckhdYDAmfYlT8rq7YqnymU1PTEaaj0cbWJnbItDls-kBopfVGkmLQ8AhrIuu3W7CjY7cfYIYIYCBhe6YD8GdPB9_9ScWTT_j9rkTE67QYm7GulP_cFT9FOQRwo_WHl8vbvAgW8DnOCEk9Ge8SYWC-nv-FPlnvf8WkbD7I9gqoPPfSHUD5JEG7yWG-Okt4TI_Fk09Rvmlvsnf-MGYv5FmDlLwUGd9FJMrZmAVa1HEIsS8Y8BH_okybNsSlO27-e-ZIfUfzTYk6w_9J2yQcshIGNS1WExSgh0mZC0zBLdxJGtetHEjN4iaPcqn7iH78xJSAUPR3r5eoN1ZHIZE-bEGBrCl43Ca4CjVW8_MsD8yCE7ZS6n2Ao9W52EMZt7iyUtO5SzPaURGOpfb3SgEEye1_GHq3sbukuoxnZQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 141ms
36ms Preflight 18.171.41.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.171.41.162 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-171-41-162.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 22 Jan 2024 17:24:56 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 2504 16 B
209 B 86ms
86ms Fetch
application/json 18.171.41.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.171.41.162 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-171-41-162.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Jan 2024 17:24:56 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F08B 0
0 208ms
208ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=3922862885230430&bg=!KimlKWbNAAa8BdJLnAU7ADQBe5WfOFedswZ_jCZ3EED0RSa19yZO5TGE2LJKDOdXBdiyWc4CXWpMbgNlLMjv65uymfzRAgAAAD1SAAAAAmgBB5kDBkYSYxlUh4TfBCZ6Z_nJImuKH85Vy0L2DAcr6A-nkh3MSAMTUsYlEWR8pKsI5Uezy6ZahQpBGZaTbmeLdDxGhFEG7osNOkptYgj8pHNXGHJ1hsfv5BcVCAUSJFnNHJfGcc43aIXtUlT3vIovQgcdQ0NXmvGTFPpQ89jw8rpcb_n1OZ7BruazOJk9eYr1OOEgZnAgQ_IM4LINHKnM4DDn1H0bVzDBJ_FgvR7sF-0-ToDK683ohKQTBYGDvoGub-IQ_m9dOEN_ypdkxSDmMfJSMEoDbPrC-7iKmObrnxcYlZMd6DHYhUByzf6ma9aWZ0vcc1XchhMWb901wqhGcWR2kw15QETUzzAZAwsir5uOsZ6iTm-dH4XCDa06bdslu3HNKW_b8u2twctmg2nphXKY0cXSwjZwnssNFd_wM-AUDEBfgh30cQJzaoBELKwK0C6_6Q5n1NP9htGrhbj8xuf_1buNfCQFNN1-i2N28qVOytUc41GFKrhBhQ9wv9oEjRRtJc8s6oTUsAwjizuLLw6jS9PdyRxgtt0eXGB_ZXtek2CI2YDdJdhQEgqnZyeH01VY8jqVrbDrQ9dkTUoHzsUX9JsQB9IgJ0xHFrBTH4vya-N3_K455cpuUSaCpxgE26e5F-PBYt5uwN5TQpWaB2U588NaAWUo44W6KJWokO2zdK7kdBmWy__OajWHb8GNA6sYOgD88nZ4gwf3fLeXPBSAnVoYU1uL20VKH0OdcWW2xh1NvjR8XyxBFseQYGPEEXsd1U6cUgBv8jZcFlciDthaR2nDoXxvO2WyLV9Fd-2TvRrgzrXOIfp-TlGeQZBYZ-Q5YjkXw_fbPqd82yFhoEtNoiQLDswh6BcbNzbYAY9ju2to0OAccvv3iLtwYl3R_2ILl2qdAQK-od56khF4tCz_kcglGpzVyv92ADKjXcH2bpveIa9qb5NL9iYf9FmYU0s4Sym_JSiAAyHR5dIwqmntU9Y5HAyMuKWj3SmIxEeqa06Kf1MaRTdsFp8LbFHIZdS9s_cx7sEhDQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 qingzhiqumoshilansequmoshidi1-2jiriyu-jiatenghehui.jpg
static-a.xgcartoon.com/coverw/ 674 KB
675 KB 39ms
38ms Image
image/png 2606:4700:20::ac43:47bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/qingzhiqumoshilansequmoshidi1-2jiriyu-jiatenghehui.jpg?w=780&h=376&q=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8874a1d7495f32542f85d01bc2640b04e703e73b1faf0f3083ae38f6657f821b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 17:24:57 GMT
cf-cache-status: HIT
last-modified: Thu, 18 Jan 2024 06:32:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9997
etag: "077DEAE3C92ACCD11835C4B8A868E2B7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FGKKVjb5viKR6nCB2C6QXFERcUK9nhNc3X5LFp1xAvo79azFkv4H7J6kDzAyX%2BYAWybBsAY0QRTNcnouLWjp5veWnpUgmlJyTJzuLe31%2BjO1MxJORO1Ugi%2F1lG6FMt6K1%2FWa5IkL1RWIdeTsmvEVzZXFek%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 84997e51fd7b3665-FRA
content-length: 690250
expires: Wed, 24 Jan 2024 06:48:19 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 18:35:36	Name: userId Value: zOlpsfhqSez3KOcGw2jl48r6TnYioQSL
.statcounter.com/	1970-01-21 03:28:24	Name: is_unique Value: sc12916097.1705944291.0
.statcounter.com/	1970-01-21 03:28:24	Name: is_visitor_unique Value: 1705944291397044416
.xgcartoon.com/	1970-01-21 02:38:00	Name: _ga Value: amp-tWaiPjBxdcsdN4P6xZQVcA
.doubleclick.net/	1970-01-21 03:14:00	Name: IDE Value: AHWqTUl4mHs6JcxuizNvmvG8xuzbt7gS1TboZfht2pQMWXA3T5RvMAPBSfE7b73uY8o
.quantserve.com/	1970-01-20 20:02:00	Name: d Value: EEkBCQH7KoEA
.quantserve.com/	1970-01-21 03:22:38	Name: mc Value: 65aea4e6-e9a46-c58ad-b153c
.doubleclick.net/	1970-01-20 17:52:25	Name: test_cookie Value: CheckForPermission
.travelaudience.com/	1970-01-21 03:24:05	Name: _tracker Value: %7B%22UUID%22%3A%22E635E5B8-E9A8-4066-2507-73CFFF77CFDB%22%7D
.csync.loopme.me/	1970-01-20 20:03:26	Name: viewer_token Value: 635d1957-318b-4352-b3b3-651b5a65c707
pixel.rubiconproject.com/	1970-01-20 20:02:00	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:02:00	Name: uuid2 Value: 8380598457219933264
.casalemedia.com/	1970-01-21 02:38:00	Name: CMID Value: Za6k5sWz.7988uYhe8qJJQAA
.casalemedia.com/	1970-01-20 20:02:00	Name: CMPS Value: 5243
.casalemedia.com/	1970-01-20 20:02:00	Name: CMPRO Value: 5243
.adnxs.com/	1970-01-20 20:02:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>?t'1+1!]tbPl1M>e)ZlrFUfJ+tGXxoPM]8Z-Ai7NATgK9pN_qZ(<sH`<b#ru%bDS<_3If)y3KL9D3I?+XLpx9r
m.exactag.com/	1970-01-20 20:02:00	Name: exactag_new_gk Value: c50d35154e0f48ac8dc4fc5b9bbec949%7C22.03.2024%2017%3A24%3A55
m.exactag.com/	1970-01-20 22:11:36	Name: exactag_new_uk Value: eaea3f923bcc4bcf8c5618d067abde2c%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 19b5cc1cad5a40beb2b69255
ads.travelaudience.com/	1970-01-21 03:24:05	Name: _tracker Value: %7B%22UUID%22%3A%22E635E5B8-E9A8-4066-2507-73CFFF77CFDB%22%7D
.adform.net/	1970-01-20 18:37:02	Name: C Value: 1
.adform.net/	1970-01-20 19:18:48	Name: uid Value: 3034969284193304702
.lijit.com/	1970-01-21 02:38:00	Name: ljt_reader Value: ICPUsGZHfnjSXUhtQc2vAEnm
.simpli.fi/	1970-01-21 02:39:26	Name: suid Value: DAC58519139E48E396CCEA28229A73B9
.adnxs.com/	1970-01-21 03:28:24	Name: XANDR_PANID Value: RRpOvKlFARiWp8E0HnCOhdcp3I7vMYq9aLpTkyPb-yrRmS71OxFArfcccZqtuCU-CRuP3S1jchLv9egnnYkCiWJewM_MBQBIugIu4_cqxbo.
.yahoo.com/	1970-01-21 02:38:21	Name: A3 Value: d=AQABBOekrmUCEI8K6q5ixfk3fuV4oERdANoFEgEBAQH2r2W4ZQAAAAAA_eMAAA&S=AQAAAtzHMilkG4uuy3EnEMErv84
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.w55c.net/	1970-01-21 03:24:05	Name: wfivefivec Value: PRYzAoyg1RrY2z5
.turn.com/	1970-01-20 22:11:36	Name: uid Value: 7170041376022348646
.w55c.net/	1970-01-20 18:35:36	Name: matchgoogle Value: 5
t.adcell.com/	1970-01-20 17:56:43	Name: ADCELLvpid2945 Value: 164800-46690-oneid7QWSqfzf38crHXHgtAtBGMc4S1TQ8Eu2k1joneid__suite_Netmix_Reach118_EXTRAPUSH%23%23%23%23%40%40%40%401705944295
.awin1.com/	1970-01-20 17:56:43	Name: awpv11354 Value: 412871\|1705944295\|29280b41-b94b-11ee-9c4b-223173d2bc6e
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1705944296%2C%22utid%22%3A%22873ddd951052bd07ecf531225af9e73f%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.tribalfusion.com/	1970-01-20 20:02:00	Name: ANON_ID Value: acntuJr2PKdFuYnRXqnA6SZcA7kQWM6qbCKUwOOTbZbyZdGTZc3pC93EXqvtyJaHcLKrZdtZaOckuqD3SSU5pTYkM0YWYs
www.conrad.de/	1970-01-20 17:56:43	Name: HTLP_timestamp Value: 1705944296095
www.conrad.de/	1970-01-20 17:56:43	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 17:52:26	Name: __cf_bm Value: PvTXV6mecj.UmS6LI0dssjzhhnP1yQj9HXhtMHjMrZw-1705944296-1-AfY6HH4vIGt91SuaYkBKZBa1wMQhuUOz5mYkSdIa+aIu30PT0C1NkNAsim1EExGTBCuqe/CF9YSIdmB0uiWWScY=
.awin1.com/	1970-01-20 17:55:17	Name: awpv14702 Value: 412871\|1705944296\|293ea081-b94b-11ee-b3cc-2233d0695e79
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885
.3lift.com/	1970-01-20 20:02:00	Name: tluid Value: 1595142544489170338553
www.eprimo.de/	1970-01-20 17:56:43	Name: upprPostView Value: {"hp":"8000001991","em_source":null,"emid":null,"puid":null,"pvid":"65aea4e8141e30d18a34f733","lifetime":"2024-1-25 18:24:56"}

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
javascript	warning	URL: https://www.xgcartoon.com/ Message: The resource https://740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

31e17ad85f99f4ac8b6c23bc8d0d21dc.safeframe.googlesyndication.com
740abd7bd9e2060d659f77a10a2058bd.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.eu.criteo.com
ads.travelaudience.com
ads.w55c.net
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
c.statcounter.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
csync.loopme.me
cti.w55c.net
dclk-match.dotomi.com
dsum-sec.casalemedia.com
eb2.3lift.com
googleads.g.doubleclick.net
ht.uppr.de
i.w55c.net
ib.adnxs.com
image6.pubmatic.com
imageproxy.eu.criteo.net
m.exactag.com
match.360yield.com
match.adsrvr.org
netzwerk.uppr.de
onetag-sys.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-a.xgcartoon.com
static.criteo.net
t.adcell.com
t.hspvst.com
tpc.googlesyndication.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.conrad.de
www.eprimo.de
www.google.com
www.googletagservices.com
www.xgcartoon.com
x.bidswitch.net
104.20.95.138
13.224.103.78
13.42.201.144
142.250.184.198
147.135.143.66
154.58.197.185
169.150.222.217
172.217.16.194
172.64.151.101
178.250.1.6
178.32.210.231
18.165.183.89
18.171.41.162
18.196.137.47
185.64.190.78
185.89.210.122
185.89.210.82
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.202.235.9
216.52.2.86
23.56.205.163
2600:1901:0:76b9::
2600:9000:2190:b800:1b:5138:8a40:93a1
2600:9000:2491:4e00:1b:f040:3600:93a1
2600:9000:25a2:a800:3:4706:a6c0:93a1
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:47bf
2606:4700::6810:c0cb
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:cb40:200::242
2a02:fa8:8806:13::1400
2a05:d018:d29:3602:5ae9:3b9c:4769:a477
3.76.149.124
34.255.141.62
34.91.62.186
35.190.0.66
35.214.149.91
35.214.205.187
35.227.252.103
37.157.2.230
51.89.9.251
52.223.40.198
52.57.164.72
54.37.204.178
69.173.144.138
76.223.111.18
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
01dac0a23f1ab1677d48fad923d2ba0cc16a00bb251f7cbd81fdc96be1a5dd41
01f787222e330c96bfbc61c7eaacb6b2a17a87a1050a20832203f612e074bc3e
042d45de7ef7ed8f7103277661aa777499ec2f4b5c029e9efecc4f9735735c02
05dc26f26011ab1dd2368169f3ceb19fb834eafdb3b69a31c4007571e6b7e544
0608f1a7ef6606a2cfffc069a4dbfac115530a028c34f41fdee74025a8e041ee
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089858cb4c96d7fb7819671373a26aa8a92cc7acfaba7d90630c89f668ee1760
08ac32867dffd87cbe05daf8ebfa38078ffb6dac040eedb5acc0f8ff2194d601
08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0dc8d4c8057500621917b3d88c33f534d917b03234c4716c04ca483e3dfdd69c
0f53617902a4994ee75b7cff7797fdbb76deadfa433fbd7c905279ff23c9ea43
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
13ab32b7ff4384d8b701b6fb8a8ea31cac46248995ef4baaa73d999ad980c9d5
13e6a7a86b66aec6cc0cf1441a042fa7beaedbab5dc996b0341301518a1f55af
14ab49460c47fdf815c70b7f64b44d3448cc900818109df37d872cf9bff5655d
1550cde0e7d219960e9cb08513b187557f36f8492494b8aa84722533baa675c4
1917b964380fc9d01d1e73a79c4d7cd4c0e9ae2a34ae63ddbcd65cea655e9a06
1a201693256ab028b08a1527c4c961d2e2c6bc2bd241261d1c414ca243a7298d
1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311
1e045322a9f6d9743ca64f11fd7f5675688351c103b4bdd6baf312aa4246e928
1f3c16cafdec670b7dcd7eea069fc0cc826f57bf45342db6192f22be33555437
1f8a9f8ae1b2b2ebb3064529d36814cd4cc7a2dcd7596cbab57c819b53f4e822
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
211fd5ed1d29657a3f4100fd99046fc5063a494ade908d45fbf1425f72d20ce7
24708f1809ac941959262a8d3bd627d92cc232d3aea08fad908275f4f58c82c7
24b7f24e696c2ce4e5a02661aa40c8ca837d4f40c5c4fd26cd788fea68719364
2661dcb6bfa9b71c39c54788bde5ea88003db9f7384c04e66d6f7926fdba8894
284ec65524e8704271d498a5f3f8f55934e047e6027f3b35458658c0d8bdc684
2886e27083578211913540635bb548c491e3c95ed5bd66f0559fb01f540abe58
29cddc3fe47e2d29b9a2f822602eceed6bb1d5bc51b6efb0a0c2ba2c1c3912b0
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2a9b3476f22286b7071932864798907739208b9ecbf4719182e313a75c45135a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f41cdc29fad9db0b0ff1c365d9cee36da396346538b001d566a66f261be39df
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
304638ab983010fc7ab83670c8d903bda6b473ee4d0381a15d41d41337e065af
3117435f29e0de48ea6ed19bbe21500a39ac0901bb4962f6b65a938162f54b8f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326db4ba0a99427d55bb9b9c42decc77d1d07a925a3c0bede1ad8e1f511c82f3
32ee695fc5354fb6448cbc5453ec1d15f01c7d5f74539da5f93126188b9fda22
336711f9878edd62002f90a5278e419d89a355b81aaa7eed47c9aa2223af87d2
33db53c59f86658a2a1c5a8515a4332b2837162b2ec8c13af379f32f122ea18b
3523fe0bfc26b6aea6ba24d933045d533972c56d98371a9ad2f952afa3af4465
354a25f44878b2935ae4bb47c8c285c749b3d439526c270e69a0404d01050399
35b4879e99e37de528d52106843e2fe7429d4f13a3e4897c6be11d167ee75d69
381232d2c2abe63e0ab584724b576679821605344ee9e94b54269b09b3c39768
3bdb3d3ab34757c5e15e9d6c89c9ce38aeaea8d49e4861ab613d8ec81cb774e1
3be09dc0c3a62f0a8397706bf1d6fc53d4dbcadf38863aaf6b87ceb0f1eb3d18
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fb7ec6f047fb6fb6887ee3f4561e828c9cae980a040d85346d1805759756645
40803f6727061b25fdffeca62b391f51e86f4656ec71f6748e70adb24e4ef2a7
41060dd159c926287487f50a2d8e583c8c72e6121d1f5ffdc626dc6cf6bf4efa
41183135c8cf232f30ce4f7691f27ad90b5b83933071118ca5dcda57f0a2f64a
41299fba41f71ca08502042a20505807e595df9bf997248f4f4e2cc5ecc1cfc9
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44700b1233823163b275ef449b07416584e34fcfa84ea278add52634ea3cf4f7
44db555d2f4d1cb4fb8a1a9772763b469847888f9d5aa166919e51b18ef6b437
44dc02d6b1939e710d7d4988d9db69a9b0db3c988409396d66b83d86bbd7e937
45aff63862b7a85a48741e816ce3b9fdc7e2ea725e1f5989ceb47f502381a4d2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4803fb9ad425e3d59451441ac6a7c901a4392f78f7732f07aa2a5292503460bb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c851642ddc61a2093c2445e17251c1b7465d979185267312ddc5b496828813
4a920ac8a357b492b991802b1d781790c9923a59d37c335f6b2d19cd39d100b0
4ad77e5720212532738f16bf5d23e1303d984d0d14b396da32f00018e70ab91d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c60ff586079ec640274f556fd715614b817b71e62289deaf53fd531bd691c18
4c80f1a8a826dede0f2b6778a3e89430b8d822eb08740d8851acd22387af49bd
4d7e3dba795cc58a5bedbef6783f9e5151f51447f01b9e85e54bd16fb762cc15
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
542067235850b4a820b4cde2e12986f55883ab054bc26eb99326891864a71ed6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54eda68a8d6e9cf6039971639882c4b78f652fd47545a11a66bffc39df959e40
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56f7c2192cfe88054e45b9e96a3a2a7e223cb152dd860c927a1da9a587c516b1
56f94ebd1c28cf9e916724e6292ad420c489fc29ea7fa07cd9cd0d790711d29e
576344e4303afb0331fc64176138c1e308271b5198032d20dccd114e7d81ad55
57c6f297f2dc5f2a32d51a397d7faeb827891d8747ab595895560f4dcedb6344
591c4f9292957b93ab9f9b251d99c1a3217d0ed4cb7d34a6be5b7b0619e547ae
5a0b8fa938af334bce5a350b66110d0b21be7630c46e6fe32fd0f00d877e1e6f
5af2b3c44d498d4ca737d2fbc0acdc882fc81ec81afc4c1b7d8548f9b52f64a2
5c6a31c295e712e8e9e0875189171f743c70a2da3d2b3f975ed577844698fc5f
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
5ccc894d9f9c7fc37246fa2358b042bfeaef3258473dab8c2db90c6d06d5b59b
5cf7e1c0ef1564cefd0cd347ea7eb6a2b676d41ff1235864971a882b8e3aa13f
5ed841005c6fd7c9bd183a289bb9e7bc9c7a85e90d370bfb9eb42f440b7ede73
5f222db50f8d69f3822c6a643699427a68a65912d57194d3258fbbf031cb7ac3
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
675b94eee8eaa34c60168c5a9260bc17f659ed4a889117242b4a2c9b7802a9fc
68065b3020de1762bac48d920b7950bfced5ee1005585ca3df3ee62d3d41218d
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6a32a8e07e40821b1d8159dde25629da90adc8678205f8a07d023c73943199d9
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6ceb4554f50a9e5fee4f581667447650f8be0badeb70d4617184e3ff8e0d2e5c
6d956bf3a7670a172321d0146a2a2ef7e726cb1088e88da978c06cc0b0003ad0
702495022f43f0f097d93b0e5d85cbd7bdeb9ea8de4c0e9c10ef9c89eed83d1d
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74d4bdf53948592ec60f4d551e63e2a0ded2ef5a357eaf7ea0a213d96cc17c30
753107f53fa7b6669aea9980a59cbbe59f0d21ded66bd2dabe9ddbc24ddcb2b6
7784163841e1391b845e917919d600f7ad2512057fa76c890f16cc5848858b96
79a4ee5fa6a15fbae55eea751a98c49c19bc62f20c2088918336cbcf6a21b178
7a5e8e47f8c822a6b6949d92a6ae8666a793ba1f1a208f19b9cc696d560852cc
7abe4ef543f967bd6fbc94fc40b81fd8a19428d105ba4d20d6f31783e81f74b7
7ad8f1977f03578b7a5822a6b9aea59d9a5c136dfb57ea1f6f720afbcb0b513e
7af0204489e6c7cff04f3ed405a6e34e7f9e80e68e13f123fe2d8fb7497ab7c5
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7efccc5b661a27c53a44650c315c3f3c73727c632afdcd874fd293bc5b5f022e
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
807272e94eb1b184076d7d80da0dab8b5736885bcb3974f7c11045fe7f4cea59
813f45a3c07acc01cde57cc78e3366e42b84c2cce443db4f9bdcdbf1990a9e3e
847677e364f632a14b284e72e3b92d136e77486f4efccb0e81aa6d62432994cf
867f05b525e309e835db6f09dba939aa9462520f709fd32661e0d46c589b4380
8874a1d7495f32542f85d01bc2640b04e703e73b1faf0f3083ae38f6657f821b
89ece7b7919103193fd713f49c65147a7284af4523cd0e8a6333c8c5be3fa3f5
89f365a523630bea5ea3533ec5c06b7db2297d14ccf662fe90aeba69d9ac3158
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
933d9985002878b2cb83a602907207484151629455a23934ecc7c963cd36c3cf
94b0aa179f9950baa8375f953ee4a03b1606d0945ff3159dafa2c8bdcbb2d59f
9769820d10612f85cee19a81be43be3b11f1513f9b9bfecda37a6bcb47a5cf73
98472aca1751533477d796babf3f0280fa5535001795bba67124335dd0dc0d5b
9865a9052076efe13713c5c89072e117cab907d9be12fa324534c658d17d813c
9871a28da9d6c14618c73949c5bf29f914e8ef6e0a122f23010fb49073240a85
9919c8af4aeabfd58bf35790f51b3a60ce6166a92fe7e39f552507c8049c6ec3
9992624ddf4cb4ac773852fa5f19f10a876c437974a3748acd4499a738ec8dec
99f393936df9445c67079666fdc6d7f20321fb40c6560f58f311a19552878d38
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be90927457a9b46975fe71fab4c6fbaed179c3b41895001ee998c602a5266a0
9c207450f3bc541b0c0bc2a7f4801fcdf104f94552c26dc0d17e0608c63bdb5d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1047f11a0a014218c64605637be39455d55f3fe0c66850eefbfed3bd9aaacd7
a124afe4b0d4ae663159812c98122288ba53adaa600b58447886d2ff2f09245f
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a343a1840f00a5db5891891069d57a2af26f4c1b80be9098252cadcca0b4e6bb
a381f999cc9e93014e711f4958dcecfc6d5c2531e706d332a6469875ca7e68a1
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a97d3325c01891167615327fef9cd173ac264f69bf526c15af006ad27f99eaf5
acad1a12850c7f0b5f1874f385a84f10539ad98a380784ef08df5eacb7d4b0c7
ace8633766e99eb003513d6aa7849739f840862bdd804de2f70e0ce612320b2b
ad8677457876f632db38d31886a4f65dfeb50037c421ed20a9918fe60293585c
ae06558e4b4f72de2a6008cb633ba3952e1a6ab05ede21c70b5bac8be060f130
ae5be78838b959fc4609bb19ebbce1e3b7b024382d4bf70076fc579e4e80bc2a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2fef036a7a117cc6c136b3c78f82478ac0bb8142fc12ca09144eaf1af495357
b30c7585cffb26187b198ab10d4dced54f117b46767a3991eb7d74dd948fd44a
b3be69c4d77cd568b0c2d360918d62e86b33abfe1b08a2bb2c6993235a67d264
b497840fdc78d638af40eccc2c9fd9006670503964b7b8d7d84c5f8062ef25d4
b4e0a8238ea0b4d0caaef64f7f9d3b45ce79d90ec3a6b4210ee26ef9f7527ba2
b5cbed9147f88e081848cdd63a0791004ad19c85d075033508db726df783c558
b74d43eceb8c7cea965f066b96affd905a95e2ca7e82eef899391a61fd0461b4
b7a1f2d2b3af5842dc4b63539230c2fdfef285afd76c1304d327daa0b51cd575
b95179c7695d6f272190773fc0488184a5ddfc81e6727847cd4a54de9259f5e0
bb92aa26cc98e918f266d4ac25043175859c1cde5cd1a728b67d498a9525a5e9
bb9efc942fa519a05aa56162888dc43a5d7210e338414149ed8967e596afc669
bba374b80c5c038c1bbfda59f9fa82dd130325cebaf31e7bbad17b31cb9c0707
bc3ed4237446f48b7a1712e453c5b6e013a55b68e7fc55d38a86341783055fe6
be6a4eab2fb54460aae752e5de72db4c2a4f1d2bf69e94cb4435515c9609d1ee
beb41f5f31d4b2911ad91b5b7b05131f006837a6c2bba64dc0659266107431f3
beec0092a647ed9f2462b81eda57c12fce8913689315c5db8cf83d13bf3dc9cc
c016b3802aad222e73982d7c869e45f447c51e5475b91fc181d6c0cd81bb103e
c2cad61fe2e4155f3d2f862e29bb1c0a305c4ed49ca98a78bc082debc08a5a52
c39fb2af422acee96c73b86f265ecfbfc2d28b2a6190149cf70cf8a4406b1fd0
c4d51bd3b5d960b8c193cf3b6f064017afcddf2ac74ffec5f89135c36858ff5f
c59cff9a64bddf2deaea3effeb952babb3a012d05e7b1d3ecde5212f7c17b9a7
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c967704e74422476af65ce38377f28ec65578934188ace0032afd938a8f62ff2
cbb41d948989c5c65e69966c145618e2db14c247ba6b92a6bb7bc62eb29ad634
cbc3cb92f5d82e2d4c4f2c84aeb2d53ecd27d56994c7d6c5cef6410afa487498
ceb8986819f631d3f8c553100e2946ba5b035379afb17d00113673ca128ef801
cf11cee75973dd8ce7ad29c194eece5505a9cbca0ea5efe108af6b0e8cf18098
d276da068fea1049fbb29d0aaeda5b9fa8a38e50b3f55741ffe2899cd52e6d5d
d39cab397988a01c2cc2e9576159cc1ebd9745b0e1ad8b2fce90614ea130ff1a
d3af23be82800e61856bc90632b5e54eddda4d159d289aa69cade2508e426215
d42553a5c5c21454807af7cec2bc459c0dcb08728f1175db01d196b2bdfc8bf0
d482e30a639dfadfd7666454ba4e274c9dfe3f0346a2e1508df1c73f84e6aa34
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
dd4c2ebbe912ff215c66daf2b4d552ae1836e7073ecfafaa005d8dcd1b7fe11b
dd9a89e56a84ff623e8b72c5e8c809bbcd8dfe823a55d113e9d044e72047dc06
df607f1f65672bc5e200998e0fed6422cff9bf053a7ee99348f9527906886fa5
e134abee98bbb1238b04b0e47c69c8d3b29dd33098e0816df2bb8f49bc55ba62
e19ff24b75696e9906de7e3fb216caa47f4587e16e2be5952d4ed621ddd7203b
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e34e4329732e0b62ea7754983d3d852f8382ea26412f8c91ce19d77a54fe4a50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e1c3ddd971246777cf608f58b76b12c513b5cdcb104aa0aa70a17810aaa57a
e51caf5c4f4e84fbdb340685b602bea060d4d87fab53f01f6a6f7ccb80cc489e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7c729b9db0f487890eaa69d83c307284bb418820a6ffc002e28b730950d3ea0
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
ead499b985ab8cb63e70f1ed19ddeb43666172a9c2bfd3c441e2aa4310fc4bc3
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebb17bb8f5671a90a39c16213579b003f988e5ca23b5ff2c26a7d064c09ebf4b
ec3fbdf7ea798484a4578356386dcc8f3668cc1ed1e89dc40ca380567f435af5
ed7963210a78a333d92b24b34534814443d69c7cf2ef37f07653f838ec3eef25
edbfe72f204ae3a3b80edac56d32a56fb201f2917e5b721b63a3198ae0892c4e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f05bfc1c8dfb9faa4041a02327c694fd5134896e214c39217c71eb4039b13e6a
f121a336589baa8e4e36ff8e08c70847b57ad8545b693a2e4e96a0fbda38e42a
f148de89d4d03108e6737d5e74eaf6092c6f20a0cb6fe15a712c71870297967f
f33a2f5f25c391fc75150a3034ebd6ac072945f97ecb572df2ba5ace685c023f
f4620eb8558321711185c5cf37ba11012a3d67617ab55060ce2ab0c7ebb1a5dc
f59a24724025aaa808fdcb5db803d2127feba310c2acf9acb0e5365b9a2b8809
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5c59127ba5fc1bee156517a8cfa5034f3b5cc76ff2ee316d14bfd44dd3f3e5f
f5ce0e16dc07e66387e8f20c1a890f31a0e244d8d9021fcec20bfd084418f1fb
f6e1cc877a10a8eb6972d29ff997fcba4280ce42b896f3909cd932ba02fd5bfb
f9482ef22ac0ff1fe12c7df21d2142a15aa40b0b58b746887ed7357324f26d9c
fa3ecba51fcbe3806a57d12638c9e2760902fef8faa7bfc5b4e0214ed36848b7
fe364619ca5af89c1517dc71bb790c4b2fc8ad68e40828b73d35c01a057f2820
ff146c82166afe0cf2e272fad7c1949b5cb6fbecffd3a5837d85a176f1759951

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

446 Requests

92 %HTTPS

46 %IPv6

46 Domains

68 Subdomains

54 IPs

11 Countries

7748 kBTransfer

16012 kBSize

41 Cookies

1 Outgoing links

Page URL History

Redirected requests

446 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

446
Requests

92 %
HTTPS

46 %
IPv6

46
Domains

68
Subdomains

54
IPs

11
Countries

7748 kB
Transfer

16012 kB
Size

41
Cookies

446 HTTP transactions
10 data transactions