urlscan.io logo urlscan.io
SecurityTrails logo

www.xgcartoon.com Open in urlscan Pro
169.150.222.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Submission: On December 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 14 domains to perform 157 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.
This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 169.150.222.217 60068 (CDN77 ^_^)
12 2a00:1450:400... 15169 (GOOGLE)
1 104.20.95.138 13335 (CLOUDFLAR...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
45 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
13 217.79.188.60 24961 (MYLOC-AS ...)
2 217.79.188.2 24961 (MYLOC-AS ...)
3 6 172.217.18.2 15169 (GOOGLE)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
2 3 37.252.171.149 29990 (ASN-APPNEX)
1 172.217.16.198 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 1 35.204.74.118 396982 (GOOGLE-CL...)
1 178.250.1.9 44788 (ASN-CRITE...)
157 21
5    169.150.222.217 (Hong Kong, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com
www.xgcartoon.com
12    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    104.20.95.138 (None, )

ASN13335 (CLOUDFLARENET, US)
c.statcounter.com
5    2606:4700:20::681a:3f3 (United States)

ASN13335 (CLOUDFLARENET, US)
static-a.xgcartoon.com
15    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
6    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
23    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
45    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
13    217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
2    217.79.188.2 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad1.adfarm1.adition.com
ad1.adfarm1.adition.com
6    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net
ad.doubleclick.net
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
Apex Domain
Subdomains		 Transfer
74 googlesyndication.com
1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
1 MB
30 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
108 KB
15 adition.com
imagesrv.adition.com — Cisco Umbrella Rank: 17335
ad1.adfarm1.adition.com — Cisco Umbrella Rank: 41384
105 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
251 KB
10 xgcartoon.com
www.xgcartoon.com
static-a.xgcartoon.com
503 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
386 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
3 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
2 KB
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
363 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
756 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
464 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
256 B
1 statcounter.com
c.statcounter.com — Cisco Umbrella Rank: 10182
470 B
157 14
Domain Requested by
45 pagead2.googlesyndication.com 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.xgcartoon.com
www.googletagservices.com
23 tpc.googlesyndication.com 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.xgcartoon.com
15 securepubads.g.doubleclick.net cdn.ampproject.org
1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
www.googletagservices.com
13 imagesrv.adition.com googleads.g.doubleclick.net
www.xgcartoon.com
imagesrv.adition.com
12 cdn.ampproject.org www.xgcartoon.com
cdn.ampproject.org
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
6 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
6 www.googletagservices.com 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
googleads.g.doubleclick.net
6 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com cdn.ampproject.org
5 static-a.xgcartoon.com www.xgcartoon.com
5 www.xgcartoon.com www.xgcartoon.com
cdn.ampproject.org
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
2 ad1.adfarm1.adition.com googleads.g.doubleclick.net
ad1.adfarm1.adition.com
1 dis.criteo.com googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 ad.doubleclick.net googleads.g.doubleclick.net
1 region1.google-analytics.com cdn.ampproject.org
1 c.statcounter.com www.xgcartoon.com
157 21

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com
Subject Issuer Validity Valid
*.xgcartoon.com
AlphaSSL CA - SHA256 - G4		 2023-09-24 -
2024-10-25		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2025-01-03		 a year crt.sh
xgcartoon.com
GTS CA 1P5		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.adfarm1.adition.com
AlphaSSL CA - SHA256 - G4		 2023-05-08 -
2024-06-08		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh

This page contains 26 frames:

Primary Page: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Frame ID: 1292879E04C60650F029D0D3CE672B41
Requests: 38 HTTP requests in this frame

Frame: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 46E1FC36A8E074E6AFAAF23D4DEE72DD
Requests: 13 HTTP requests in this frame

Frame: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 2B4A8643EDEAD3EA73370E4AC1581C7E
Requests: 11 HTTP requests in this frame

Frame: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: DE196EC4CA51566643F492714A88477E
Requests: 11 HTTP requests in this frame

Frame: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: C9471B733BA2BA1B89EF3D2F64E40350
Requests: 11 HTTP requests in this frame

Frame: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 60FFCABBD06DDFB1574E1212AFE49621
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 0C4BF5A832B37F4FFE297DEAC6EB101D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316591&bpp=162&bdt=135&idt=328&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2146587965&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079265%2C42532524%2C44795922%2C95320885&oid=2&pvsid=3110114821779197&tmod=108842617&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.yppubvru6v6s&fsb=1&dtd=337
Frame ID: 335A379BD042A53A825745B9E0B8CA8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316653&bpp=134&bdt=180&idt=327&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=109242447&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809004%2C95320868%2C95320884&oid=2&pvsid=1391495508145524&tmod=1166250086&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hf97a5mxl3yp&fsb=1&dtd=336
Frame ID: 85D3C9E03B068955C9E69D8B221D2B9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316695&bpp=170&bdt=212&idt=471&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=109242447&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44809531%2C95320884&oid=2&pvsid=1177456641719290&tmod=2067988372&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6g4otq92cfrp&fsb=1&dtd=489
Frame ID: CCC5369EA693EEE682FEE127E93D9ACA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046731&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316670&bpp=219&bdt=213&idt=522&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=850761556&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079979%2C42531706%2C42532524%2C44809005%2C95320870%2C95320884&oid=2&pvsid=3790887298648475&tmod=1211358616&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ypxgwe8hfv3&fsb=1&dtd=526
Frame ID: 3BEEDB17E17EE268AD5B90E98513705F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Frame ID: EEEE27B42E6FE60B31B350DCA9B6F168
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F7F045C02AAF5D618806DAEDF9A9D5C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 75E769B0FE7B16F72D61F76D759F1ABA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9AB0CC0D9A21F7BD89947FC173A0F97D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E5739A851DCBA280A6528249802D550D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhinu4KCAjAB&v=APEucNW8E4TWHNBUvmsHOBDGnmCrbcq3W_0-AHlZKeLiwUlHV0KbxL7keeN0jQh7_LxcAuF4TZ6C32X6bxPY9WnyQr3wnSFWac6JcK5-s5sUJrS3ysn0zgbbH5cF9xbARB5OVxI-Z6FSWqmosVRIg-gTrYAdUm54gucbP3vppILlUYpxvGLj-cI
Frame ID: F5B565EA231068F208622014AE495BE4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 60BA92DD072D06D29BEF087682F668C0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10DB0478AA3D7C29FA77EEED85DBAE0F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2192A8555BEF2FB6BB66B4F53E8A0F65
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F7174165969C1F5B67085BCC02E9230
Requests: 2 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 8F3E07C235B9EEDC160938D0091D5B7B
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E87BBFBD27C99E524EC9224C9B31001F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AA7D821BA1252CE6AC886FC4085CFA5A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3C80BE2E2835956B2FA123CFF258899D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 24C55F9EB42E7F163B68FB15089AF0D0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🍸光之美少女 第12季(Go!PRINCESS光之美少女!)【日語】 免費高清卡通動漫在線看 - 西瓜卡通

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

157
Requests

97 %
HTTPS

52 %
IPv6

14
Domains

21
Subdomains

21
IPs

6
Countries

2658 kB
Transfer

6813 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOB6X_aeJuUOfG9Onm0R3s0&google_cver=1
Request Chain 109
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYVuNdj6lz.BI-UQGyJDswAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOB6X_aeJuUOfG9Onm0R3s0&google_cver=1&google_hm=2
Request Chain 110
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUirdPfq_QMPzgANQqLLw&google_cver=1
Request Chain 111
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxNTIwODgyMTk2NDQzOTQzNw%3D%3D
Request Chain 139
  • https://um.simpli.fi/gp_match?google_gid=CAESEKTg5RICtG3ggeVhtir4BNU&google_cver=1&google_push=AXcoOmTZ_2yxgeKP2J98UWprM3-i_a0hkjF1xAhunpWH9Yu46L481D0ICxkiDVrCUsOhadr7lfqoy0pPIgOTYOcRKb3Xiyb4SGsHf8CAMCUcyAEU0BeRV5Lxi3BbK03PE4SZFpDkuhrnfHW9bNnfGTdZG0Iv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B78F9AFB69A9442280BDD00F76A82436&google_push=AXcoOmTZ_2yxgeKP2J98UWprM3-i_a0hkjF1xAhunpWH9Yu46L481D0ICxkiDVrCUsOhadr7lfqoy0pPIgOTYOcRKb3Xiyb4SGsHf8CAMCUcyAEU0BeRV5Lxi3BbK03PE4SZFpDkuhrnfHW9bNnfGTdZG0Iv

157 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
www.xgcartoon.com/detail/ 		97 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6131dc1f5f4917d39d60cc5a0acdf6cc86983144801036d6a6dfde7e265a1b00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 22 Dec 2023 11:08:33 GMT
etag
"185c0-2Hx2wRUQtLI9BfquBbcMEeI0Sgs"
expires
Fri, 22 Dec 2023 11:09:33 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:08:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73141
x-xss-protection
0
server
sffe
etag
"20620290c9309704"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:08:34 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		82 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:08:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23125
x-xss-protection
0
server
sffe
etag
"03885caa855825de"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:08:34 GMT
amp-autocomplete-0.1.js
cdn.ampproject.org/v0/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:08:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9459
x-xss-protection
0
server
sffe
etag
"8a483731af74fd28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:08:34 GMT
amp-form-0.1.js
cdn.ampproject.org/v0/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-form-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:08:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14979
x-xss-protection
0
server
sffe
etag
"5c37322451a9f07d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:08:34 GMT
amp-mustache-0.2.js
cdn.ampproject.org/v0/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-mustache-0.2.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:08:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15383
x-xss-protection
0
server
sffe
etag
"10ecb1b2e6eeaabe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:08:34 GMT
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:08:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4740
x-xss-protection
0
server
sffe
etag
"e23d2a0d990fab56"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:08:34 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:08:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10344
x-xss-protection
0
server
sffe
etag
"710c75735c511774"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:08:34 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 22 Dec 2023 11:08:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32187
x-xss-protection
0
server
sffe
etag
"f62e83b3b94bc414"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Dec 2023 11:08:34 GMT
/
c.statcounter.com/12916097/0/c55d9f9f/1/ 		49 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray
8397e85a3f8c2c6b-FRA
content-length
49
expires
Mon, 26 Jul 1997 05:00:00 GMT
logo.png
www.xgcartoon.com/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/logo.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:35 GMT
last-modified
Sun, 28 Aug 2022 14:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"3473-182e4ca3706"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
13427
expires
Fri, 22 Dec 2023 11:11:35 GMT
guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan.jpg
static-a.xgcartoon.com/cover/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan.jpg?w=230&h=280&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6f3845be49878afb5314dd5297e48423a4e952b0ad7fc367627de0338d49d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:35 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Sep 2023 01:35:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"86FC2EE28560ED1682496CF88EE9E17C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksMu7f91Ua6qX8VUClw6m4lnIgJwPSWiVXG7A8h2l2uXSFPZlMshmEUwDu61oy9HZrb7uTtcrUqkjLjCUgrF%2BWT4MuXGQ8CxRiPy2ctOk1CZkekssG6zDOTmnvhvBmMMEL9ziJg4sHPpXPP%2BwbANX%2FwelSc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8397e85c4df8903d-FRA
content-length
173219
expires
Sun, 24 Dec 2023 12:02:29 GMT
play.png
www.xgcartoon.com/img/ 		470 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/play.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:35 GMT
last-modified
Wed, 17 Aug 2022 11:09:20 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1d6-182ab7e5700"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
470
expires
Fri, 22 Dec 2023 11:11:35 GMT
star.png
www.xgcartoon.com/img/ 		424 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.xgcartoon.com/img/star.png
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:35 GMT
last-modified
Wed, 17 Aug 2022 11:09:12 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"1a8-182ab7e37c0"
content-type
image/png
cache-control
max-age=180
accept-ranges
bytes
content-length
424
expires
Fri, 22 Dec 2023 11:11:35 GMT
guangzhimeishaonvjuchangbanhejiriyu-dongtangquan.jpg
static-a.xgcartoon.com/cover/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/guangzhimeishaonvjuchangbanhejiriyu-dongtangquan.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8013407130f3d1c34679b5d4a3ca7d56ce95e0a656d501bf0920e8bd8732b6a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Sep 2023 00:30:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"940062558EBFE44CF53ED01AE9AC1FEA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgDNZpu7ph0epS2NEZiZaFHRTT%2B%2FgYmXfCpWBLDRhUlm8y9tdwMi%2FV388nmIEfpBRh3P1tmGH9u8gDl%2BoEfsMGGNjnCcsi7beF7xSekxcix9LPNvNCo59h5hpE%2FcZgH6fPNbZbK7IPmr7yOycEVjxKfBtWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8397e85c4dfa903d-FRA
content-length
93564
expires
Sat, 23 Dec 2023 05:39:09 GMT
youxiwang_di5ji_arc-vyouxiwanghuguang-wuriyu-gaoqiaohexi.jpg
static-a.xgcartoon.com/cover/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/youxiwang_di5ji_arc-vyouxiwanghuguang-wuriyu-gaoqiaohexi.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8fd957271a7089ccbf728bf63e93fd5de3d78b076ad856a91bed46b09d5abf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Tue, 03 Jan 2023 09:34:10 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"9D5579EF044E32A5D2AD4C4FAE6EEBDD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8oSPhCWpjpuqcQgww1cRISJFpjrojbiJxNSWymskE7cmYQIquMbZa1cQFJb%2FGQXo7ltL7Azi%2FgPqPc1pE1eznLlqW9BKii8fEpTY0WIY8UK96e94BL1C3ZhykRieY3OvWj%2FNZFQRyrHqdUtkQyumqHykA4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8397e85c4dfd903d-FRA
content-length
25636
expires
Sat, 23 Dec 2023 14:05:50 GMT
guangzhimeishaonv_shishangtianxinkirakiraguangzhimeishaonv_a_la_modekirakirapretty_cure_a_la_moderiyu-tianzhongren.jpg
static-a.xgcartoon.com/cover/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/guangzhimeishaonv_shishangtianxinkirakiraguangzhimeishaonv_a_la_modekirakirapretty_cure_a_la_moderiyu-tianzhongren.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f9669f86fe28fac80e3a754575893953ce4880b37490c44fb603257ccfd95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:35 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 00:54:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"44B8FC9869B28AC50168C1C25FE7400B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiRJwBg8OIahreuz9Z7xmLLdpAQWAvQCz7aU%2BdK9jfrA3C9XRyeAzcd1%2BALAvm%2F14BCeid%2BqL%2BYESMLL%2BnK4OM4sCNpF45D%2B%2Bcn%2Bb%2F1Ykr9MrPxxTuBE7Op0rsMMruCdp4iaEvOoEZ42P4pIhtH8tgSS3f4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8397e85c4dfb903d-FRA
content-length
97771
expires
Sat, 23 Dec 2023 07:30:27 GMT
xitongbiwozuohuanghou_dongtaimanhua-liuyuexuegongzuoshi.jpg
static-a.xgcartoon.com/cover/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-a.xgcartoon.com/cover/xitongbiwozuohuanghou_dongtaimanhua-liuyuexuegongzuoshi.jpg?w=280&h=120&q=100
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac79466527bbddc1f62ebc9439506bf48c8c6f19cfbb8e2bb71541c45e0e032d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:35 GMT
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 12:57:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E81F01E9640F73669094983EFA490030"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgAMVZClNF9IxJ%2FnabQhO9bKnuKxAoc1kHSPsQ06UquVJocI5w7sT8IT4IwlLz4jQSk92o5WuWPbkBqiItDbFtlYAJGoYbI3%2Ff5GoW9M2f3HjVGEoS%2FOASriIPAN%2BZDcewBVNSze5JOwX0G84OOmdIYtQZs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
cf-ray
8397e85c4dfc903d-FRA
content-length
84563
expires
Mon, 25 Dec 2023 08:53:50 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Dec 2023 17:16:01 GMT
age
237153
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"a9f93cfafa19b094"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Dec 2024 17:16:01 GMT
amp-ad-network-doubleclick-impl-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		237 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-ad-network-doubleclick-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Dec 2023 17:16:24 GMT
age
237130
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63654
x-xss-protection
0
server
sffe
etag
"7d5e78ba8c7d5e5d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Dec 2024 17:16:24 GMT
truncated
/ 		393 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		953 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		792 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		440 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		394 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		227 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		154 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
amp-loader-0.1.js
cdn.ampproject.org/rtv/012312012346000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Origin
https://www.xgcartoon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 18 Dec 2023 06:27:05 GMT
age
362489
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3942
x-xss-protection
0
server
sffe
etag
"4694a1430564add5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 17 Dec 2024 06:27:05 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_header&adk=1412529771&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=2815854195&nhd=0&adx=436&ady=120&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=9023007208&ga_cid=amp-p9Bt0_bstAkl23bHflv-sw&ga_hid=7208&dt=1703243314505&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=282&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfe355518d9fdd1c597500251c0b51aa4fa9d238f34cb3126acfd651edf4cfc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13683
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CMvO7OXzooMDFaa2_QcdB_UDvQ
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027455233
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Fri, 22 Dec 2023 11:08:34 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_vrec_1&adk=3018598273&sz=320x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=2&fluid=height&msz=232x-1&psz=232x-1&fws=4&adf=1409058554&nhd=0&adx=350&ady=819&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=9023007208&ga_cid=amp-p9Bt0_bstAkl23bHflv-sw&ga_hid=7208&dt=1703243314505&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=282&dtd=9&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84bef380e66d452d18f1d82afcd27fb5ef50bff2c21f2a208da7210f0bd6b560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:34 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
120x600
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13671
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CLDO7OXzooMDFcbJuwgdYfcIog
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138351399041
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Fri, 22 Dec 2023 11:08:34 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_hrec_1&adk=948107268&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=3&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2674978360&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=9023007208&ga_cid=amp-p9Bt0_bstAkl23bHflv-sw&ga_hid=7208&dt=1703243314505&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=282&dtd=10&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee1dd955bc7e9487b8a60093ff8ab4408e156718f83dc6fb686e23e686936f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
336x280
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13709
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CPnW7OXzooMDFY6x_QcddJgKgg
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
107027453553
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Fri, 22 Dec 2023 11:08:35 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_anime_vrec_1&adk=132656383&sz=320x50%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=4&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1627611741&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=9023007208&ga_cid=amp-p9Bt0_bstAkl23bHflv-sw&ga_hid=7208&dt=1703243314505&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=282&dtd=10&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
883d3027bf51be625957b794722a5129011fc51eb11311d0c06c0e96386ed8bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
300x250
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13721
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
COXM7OXzooMDFVfFuwgdNC4Hsw
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324663397
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Fri, 22 Dec 2023 11:08:35 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_anime_hrec_1&adk=156774037&sz=320x50%7C728x90%7C468x60&output=html&impl=ifr&ifi=5&fluid=height&msz=892x-1&psz=892x-1&fws=4&adf=1662822972&nhd=0&adx=954&ady=1033&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=9023007208&ga_cid=amp-p9Bt0_bstAkl23bHflv-sw&ga_hid=7208&dt=1703243314505&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&bdt=282&dtd=11&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96ac482f16a2bd9b4d1e7c4ff468a4fc875968aa15fd9aa4df335435ffb74663
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:35 GMT
content-encoding
br
x-content-type-options
nosniff
x-ampsafeframeversion
1-0-40
observe-browsing-topics
?1
x-creativesize
728x90
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
x-ampadrender
safeframe
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13671
x-xss-protection
0
google-lineitem-id
208234953
x-qqid
CPXk7OXzooMDFfPPuwgd7cMGfw
amp-access-control-allow-source-origin
https://www.xgcartoon.com
server
cafe
google-mediationtag-id
-2
google-creative-id
138324260118
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.xgcartoon.com
access-control-expose-headers
Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
amp-ff-sandbox
true
expires
Fri, 22 Dec 2023 11:08:35 GMT
container.html
1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.xgcartoon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
googleanalytics.json
cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 21 Dec 2023 16:06:47 GMT
age
68508
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"e666ca0e175b1b23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 20 Dec 2024 16:06:47 GMT
ga4.json
www.xgcartoon.com/js/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-222-217.datapacket.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept
application/json
Referer
https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
AMP-Same-Origin
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:35 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 10:49:40 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"11d8-187c255423d"
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cache-control
max-age=180
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:11:35 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=7208&cid=amp-p9Bt0_bstAkl23bHflv-sw&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2Fdetail%2Fguangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan&dr=&dt=%F0%9F%8D%B8%E5%85%89%E4%B9%8B%E7%BE%8E%E5%B0%91%E5%A5%B3%20%E7%AC%AC12%E5%AD%A3%EF%BC%88Go%EF%BC%81PRINCESS%E5%85%89%E4%B9%8B%E7%BE%8E%E5%B0%91%E5%A5%B3%EF%BC%81%EF%BC%89%E3%80%90%E6%97%A5%E8%AA%9E%E3%80%91%20%E5%85%8D%E8%B2%BB%E9%AB%98%E6%B8%85%E5%8D%A1%E9%80%9A%E5%8B%95%E6%BC%AB%E5%9C%A8%E7%B7%9A%E7%9C%8B%20-%20%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1703243316&sct=1&seg=1&_et=1000&gcs=
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.xgcartoon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.xgcartoon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 46E1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:36 GMT
expires
Sat, 21 Dec 2024 11:08:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2B4A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:36 GMT
expires
Sat, 21 Dec 2024 11:08:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE19 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:36 GMT
expires
Sat, 21 Dec 2024 11:08:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C947 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:36 GMT
expires
Sat, 21 Dec 2024 11:08:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60FF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.xgcartoon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:36 GMT
expires
Sat, 21 Dec 2024 11:08:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 46E1 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
267026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Dec 2024 08:58:10 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 46E1 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10281
x-xss-protection
0
server
cafe
etag
4475361942733572661
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 46E1 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2B4A 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8d1dcfecd75072e5d920d31a9965c616a7a09d98ecd25071e3d62b2aff4329b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10281
x-xss-protection
0
server
cafe
etag
5813878685834827952
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2B4A 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2B4A 		0
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbzKT8m4s3Gr5gfp8_E9Nc4WblxKhYzXKsEwqvuBYG8WXADwyv5u29QXC4WJPBO-H2ESNxwkMxW2I_kdcu8Yx8JJTLO5e2CM2MjzTRZKYE7ChSFHcXJXS1RfJ9t0e2k0wHztIJhXDm0mDy3lykkIbq_mPJ-Azf2UNrQBJbF-IMoXpRjaTgZmSRMBBwnAl910xpMPCp-tM1EUnPWoeDasrztRS0hsbTJldlXeH_m6fIGwiA9wZbgqvDnBKBPNui5AVOSRQ1KAnIyfBA1HSLyxUrG2anV0o161fcvETYh3MAe27sYPKyo2baTx0eHkvYZhTWZEfYmHyBAcio354Mk_XJWmQqFe0K09mECLwNy-lYUed7dM0FlczguwSTV5MRQDz2kRubD7VIDEIlVeraBg&sai=AMfl-YQWUOlYz3r7kFHxfm-6hh-7nhHFHuIfEEz7SAH2tvHovCfABSaNKwZ0R67OA6dymCcUxXy8HW8DqOs1u9I&sig=Cg0ArKJSzJbaK2XRbfzDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:08:36 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DE19 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
267026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Dec 2024 08:58:10 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame DE19 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10277
x-xss-protection
0
server
cafe
etag
8188157995017847591
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DE19 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C947 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
267026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Dec 2024 08:58:10 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C947 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10281
x-xss-protection
0
server
cafe
etag
4475361942733572661
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C947 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 60FF 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 08:58:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
267026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Dec 2024 08:58:10 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 60FF 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
235739cbea8365a26556687cf385c19607d671e4eff0ef00e0d7b7e185b12cb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10283
x-xss-protection
0
server
cafe
etag
11771847743670647711
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 60FF 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 46E1 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvU8yoR4-yLib5gSeY2fNC6yQ6T3NzUVwFA3gcCKj8YJUUZE8F-uRjNbjh4RMaX4p6Lssy76qIOFsDXeaMdmZ7Ke9rnC5LP2wrsgM_WzxAXlGebviudOWABct6WnpT0Ky-_dnjwdYerOW3fttaUZ7VEbl2obancxYnV0UvN-bXR0xyyOuZJgvn09PjZhc-UGHDQKt9xptsVaApq4Ne_0hgGYxU4as4JZCTmYLaoXgLhvhShuB44L6bZfGZhdgPVqNgRqL20DXFruLO0lHSz2zEcv_V7fbiJ0uC9OaYCNaH-tljfUGQG0yjE4aWUBW0ZBcIR__vOcojLbtO8hEhGYgGL4Hyoep1Sl1q8VNJ99D7wz1jxI1WsH5FMAaN9TXk7sOGG5FPlWSSc2AW_34Wuhw&sai=AMfl-YRbsOoh_sKu-PbtgbpMt8_VJqEK70DDM3KvZB1PCsWhK7iyi8c4MHWN_VWMzs9N0_8Kn0VcH-d0w72HXZo&sig=Cg0ArKJSzLZZBqoVDKgsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 60FF 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunK4bIANm3CkamYBL7bhEA5y9kZFZRJhgZB7RXs9PFVfRuvyvWoX9xQCyy8BzykUreXk-ctzC2AwwUps3EN9o6YH2AXAwKuHjbCwSn45IneAeg52EY6gc-A9uAEiJXJg35KBzBXwYh-jFEzXxlOj6ptbi3Bf6KDOFz5nbdTdJDh92UrPOBeEDFPMjPtwAV-9f9L347Vbp0rWkhOZ5WWXDGCzIDZsG_6lo6A13RZMDEHWsx1uwiBmsOUhTlZTuIjcF5y5inUivpC5wjJms2YCAuMpOPh0SsM6l8TaxvPBV65MQAOnzE9hRs6kUNuChg_dlvzzCM-DrsZjC7ZoRWLg4GUwvJp1JnlAhYITHlwz2WU56XO-y2GPpPZtm2O4QC_F6yNICHtdvi2kJN5_yJMw&sai=AMfl-YSMvbJiPXrLP-u8KrntCieFX_8_OPdfwhWv5c__AlarsdJ4PIg-QMHidHGD_uz3Ok3VlVXPbblrC-SJmmU&sig=Cg0ArKJSzJPl5Hyfjmp7EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C947 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsteyz1u-kSyjVWQxBU4u5T8iP0Ys0suyMIubDD7A9XIwSwPM7LApaaB3D5vQQintegr1w4BcADiwO3sL_HgXotgCHa0ESighI_W7lTav5TPZKEDYok3dNR6hZ1JhlBSfvxiJYGCJrTnzNIT--dIIwLXgkGpG2RxeunwS3qMXERJPQWjHQTxMNAQ2sVend2SWUFIyw-hU04ihQ4sJxlcV-AZW0vve4-EFqGGU52vjVtOxVKvWv2fb2zFxwxz0695QET-vXd4R1O3L5aLfqzwRC1_TMhAFMiRONGqTDJJOiNtMpwWDeLDzeHNUiGDnkJYevzTcsIrEN0xcu37AW09o18TacHwL81hvux2X4SFGCtAluyVlsoBzAq_jRQaL-HdJ8ppUDCZi_cvbFLLWDRj&sai=AMfl-YTrn7IHsotEPWwMUEf_JPACZE7Aqw3Tf46WUO-Srjis3z7SRIHdeHhLbkuUIZc8sKQgBmatgB6EO2B3zSQ&sig=Cg0ArKJSzDEy9Hpw2KinEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame DE19 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPdFNiLTf9lFqXT4JgNW8kihEX88vpEWosJqxIKr9scgIDNI036pqal88tn-91x0JJVZUmRFN4I5L0-4Bt8mBYN6oAG_OmMWC4gr0yQXKJYxZ8hiWtAh0NTZGhNfqGX2MJ7bzDWK1b5vlKTiFwuXN3NUgAWxCuzp8c5jytSmL3flFXVFUnJIHZEKecmpnPbKyVOK40RpORrZ-1CbHSGNxGz1FzAFxiA-2ZKKN4B0Md-P-gtboWAWyqr0gm2vV1BjqN605Qc_xVANg0AixFgpJbFNaOF438u6CnAj87rRcOq0G0VbNzPZOMMi6AOD3WnuIirhF4NRWAk5Um2yXLb7IxH0tnnp1DlEpn5HE8isATYCy6_i5w3wajH4W3WLJGhmZOfHd6rLGhSXx_smXp&sai=AMfl-YR3-hJtjDM6yolUZeQWiyB_-oqnWtYd-QY8CzLUGbEn-EQj3liNzeZUWdrQLXzX3k9PNfQyUmX_mf-4vMc&sig=Cg0ArKJSzDCUPGVyZ6-hEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
URL: https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 46E1 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24dbca256a138921762e3d07a5b42889d44d97389a92de3154665f2a1687b53c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51247
x-xss-protection
0
server
cafe
etag
11670216104960178140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
truncated
/ Frame 46E1 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3973d479148068d3d66f67b898c6f7fcf30e0e650581cf018c9f64bfff80fddb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame DE19 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff640cd32b6160f76fab858e13b05afd12bfc2e9327c01bd0c5e853afade68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51252
x-xss-protection
0
server
cafe
etag
12753708926660390850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2B4A 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1797b36cd5ade208fada0195657eb7324024509d82af4bf9b5d6375b6134bc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51257
x-xss-protection
0
server
cafe
etag
2127626637266353891
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 22 Dec 2023 11:08:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 60FF 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64d54b3d080e4adca43d4efc5fbec23b872c5b69498c4bf3b5a41c662de8a00b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51251
x-xss-protection
0
server
cafe
etag
5359009069643231479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C947 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc5acef9da49afd9d14cf336a62e276cb4d4b38de50103868f9077d73f2ea410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51250
x-xss-protection
0
server
cafe
etag
10855958269466019740
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
truncated
/ Frame 2B4A 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
843be4a90a54770262f21c295ee8e308db565183fe42cea5f09068e02d7568cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 60FF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6718089f292dc7eb38d1b174713320b730f682e810e0fce91b34b849eb00762

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 46E1 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cc4300a9fffaf77f0abe572bc905ccd085437d5f6511057f2078caecace10ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137955
x-xss-protection
0
server
cafe
etag
16351662608342944986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 0C4B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
42583
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 23:18:53 GMT
etag
5585625838579639069
expires
Thu, 04 Jan 2024 23:18:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame DE19 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
733f3312d0a6ea385c56131985cad375dd697cfb4a810621a33269e67ea2ede3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137959
x-xss-protection
0
server
cafe
etag
6598756706873975757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame C947 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137955
x-xss-protection
0
server
cafe
etag
8860941966186872456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 60FF 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cc4300a9fffaf77f0abe572bc905ccd085437d5f6511057f2078caecace10ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137955
x-xss-protection
0
server
cafe
etag
16351662608342944986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:36 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 2B4A 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0cc4300a9fffaf77f0abe572bc905ccd085437d5f6511057f2078caecace10ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137955
x-xss-protection
0
server
cafe
etag
16351662608342944986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:37 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 335A 		603 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046732&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316591&bpp=162&bdt=135&idt=328&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=2146587965&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079265%2C42532524%2C44795922%2C95320885&oid=2&pvsid=3110114821779197&tmod=108842617&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.yppubvru6v6s&fsb=1&dtd=337
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 85D3 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=280&slotname=3654094576&adk=229048865&adf=3173046730&pi=t.ma~as.3654094576&w=336&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316653&bpp=134&bdt=180&idt=327&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=109242447&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C44798934%2C44809004%2C95320868%2C95320884&oid=2&pvsid=1391495508145524&tmod=1166250086&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.hf97a5mxl3yp&fsb=1&dtd=336
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CCC5 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046729&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316695&bpp=170&bdt=212&idt=471&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=109242447&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705%2C44809531%2C95320884&oid=2&pvsid=1177456641719290&tmod=2067988372&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6g4otq92cfrp&fsb=1&dtd=489
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3BEE 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=3537124836&adf=3173046731&pi=t.ma~as.3654094576&w=120&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316670&bpp=219&bdt=213&idt=522&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=2&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=120&ish=0&ifk=850761556&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C95320239%2C31079979%2C42531706%2C42532524%2C44809005%2C95320870%2C95320884&oid=2&pvsid=3790887298648475&tmod=1211358616&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C120%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.9ypxgwe8hfv3&fsb=1&dtd=526
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EEEE 		27 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a52c807b2276459872596299fb8852bc6c4bc89c77c206e69549e1ccd8cf56d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
12147
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 46E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstU8EmbmC0e7AtntekmETI0GjQhk8MbY-u38xLHd03NIZ4sCk295DlwnsklFK_IvkSWXghCnrG1etlaAnY_Oo2tIAxBqUC95bQS1iJRftUlIiROBxrjsQ7IH749Leu_tlXjbHCHi80KMfbZAbXGKIT5Y5SrNBN_fCr4-V8cJRFayrX5LQ08buiw2qyYkIlvMasEMmDFKZiRqnxp6Dv_7SOqh9slRE5e7JbM0IKWaiNF8UqSAQBus10T1OpZs1XyBa8yhAAP6TNg61i0waDW8wq9rNbCJsKizTcmMXAVSKg2Q25jvJdxox6qcPOK3rNGvcp3hj5w1BC5u1giFfmv1U20slnKoozjaxu8ItbMFKQXThWkl4iBRrWpLnTgeU68Tk0AUu91DJwpytewmRpV1v5z&sai=AMfl-YQwouZUGc6eolM6ccVDif6YVSlxTXvHPGlaTveZ3vZUXQZeJ3V1GqVivjc3Z1ysPXuHs5-2heq2BkSg6fw&sig=Cg0ArKJSzL8jvl0nS56EEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:08:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 46E1 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6861b8ab1210f276e500cd62b3f13f6790a92489e52e0ca26dfd4c794b9f6530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12264
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame DE19 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst03RiKkczwPMw7qfSaS74WzNo1BQPdHwH_Xq-n3Zb5QGRQubsisG4PqbdpVfgIOCSr8Y8tLNW_26HxHLYrNxiVBKY8Ak_WO0mP_5tXEWa3IkWjvMBFk53hpHuQpNQ17610TxgsKxQ0UAxyBmtpA7BAKFvhyY4A1FmXlq3brhkXPtHONmU8QqL5KSkLpgHWwj2XkZYfD_OMoKaRiZwuot2JkOiYAjK5FOS3OCiGq1GqWWK89ED0jLPtSwPZaakrbuQeMub1w1g33IDYQ0Cbqhe2xqCQAZueO2k2yumq4_TWUcPKJJwgenD3qTZ_SwAmP3IOwkEfGx83Crzp0MtDsVmvc0gA1UW5U4zERVw2WT7-ADbuQpmrurCJxfuEF1TYJdlo_acllCQeaTd7NHwvLcw&sai=AMfl-YQQA7BiaRCF0CbDOIexEM4eowYD3xNqIo4ldfjSXCvPPxDP67RbkgWf7mgHR2wxSO-Wnzj8HXewXehCPdg&sig=Cg0ArKJSzN1Zu7vLbQLLEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:08:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DE19 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75d290c66435015b67ba38a991ef393c4989c543627feb54e046872285e07a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12355
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 46E1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:08:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DE19 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:08:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F7F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2140
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:32:57 GMT
expires
Sat, 21 Dec 2024 10:32:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 75E7 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6db2f055c71c15fde67c5b3bff49434f27ba7ea4261227a97b5f24cf4ea22dc7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KhyN73E3QwgLxDu_wpgQOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-KhyN73E3QwgLxDu_wpgQOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:37 GMT
expires
Fri, 22 Dec 2023 11:08:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9AB0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2140
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:32:57 GMT
expires
Sat, 21 Dec 2024 10:32:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E573 		829 B
770 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e7c872f016d4de45e603b00879e9b83d4d39228864a9df9431bec432a6343fcb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FR86PC3qeaCS_je7cJFCLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-FR86PC3qeaCS_je7cJFCLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:37 GMT
expires
Fri, 22 Dec 2023 11:08:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame C947 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxIbyjCn68XpE6Bt72eW1Jok7b4xhFQtA4dG8g_hEutiCryybjLRPe7vAHR8XdxH5xR-ZJft0WcGh09fKOo3kd1Gy6raO-9iYvSw98ccaHLWAPuOMcd67LUleYaEx89dNLCugDFbxqtnr4q6uQfH5IERh2F5sSFpbc518pAEaAf1xfkA9V8MulMcjJyl41-C702ZIWgU6wIZ-fBIBVEPFNQCDyFEhYNMbDfry9_xww5Rl52ZC4XmxWRNQ0RL4toLx1p_D4vmctUzdn5oRwqg33OY9mOhI9u2o7gF5pUsIO2SOiGRGSgBiTDYJZdlmqkmmeuamwJuUGxpC1rr_QsK0iOVIRg8DQuzT1zD4zu9fswLKrUqkuXDNSzIaDUziAvCZJczyZdWIRIFGVCq8r6F0&sai=AMfl-YTITW93tM46iNSzH2GXwC-uq32_1TMMkAn7l54FHT14_sNRPYxeU20VzIxN9ESSMQz7AYv0ES-4AYcsyjA&sig=Cg0ArKJSzGwwmWwNK93tEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:08:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C947 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d56b5e3f897dc34253a3f6ae7fa15eb35518c9888bd204fb8eb0e9dcdbfd09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12255
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame EEEE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DgufZ4cAwUF6QezVEmxRCpYLtsecGBsGCwbdoJDChFv1XWukk7CvAFLdxaGyGcjdWoTi4GhfvlLNnDXy0sRfbxr3Te8EFtyV5QrCWPZE2evyiy_YE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame EEEE 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:37 GMT
adition.js
imagesrv.adition.com/js/ Frame EEEE 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/adition.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
br
last-modified
Wed, 22 Nov 2023 10:00:03 GMT
etag
"3305548861-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
8362
js
ad1.adfarm1.adition.com/ Frame EEEE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad1.adfarm1.adition.com/js?wp_id=4745915&gdpr=&gdpr_consent=&kid=6292687&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC34q-NW6FZY2NEsHMtOUPjP-i0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU_QZRP-x2gJTbAjKWN-zvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w-xssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv_00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2_xDbq1qGt3DCAOs54fd-6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE_nVdEE6Up_aXTHNGO0mg4dx02iT-cn_cdNW_KvO_gevljnje-mP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB_Tz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5_OigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf_C0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64_3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-CWZJpcIW2qF4B_BqNrJqCNH9YdKZZgAPjyOiMq1jpLWp-r2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH_a-PPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f_9yj2w4QKN_0lqImxgxKS6dNwN6eH3rxEARS23S7k8-WtXQMJnS0qL_J8%26cry%3D1%26dbm_d%3DAKAmf-A9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt_zcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26-g2c8nUyb-38b3VuYi3P_IldJWaD0gCaQYicxib2_D79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w_GBuCfbkNw3-vtrl3tE-5y2P1dAn4-LG_BqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV-kUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF-GSrV5A995jfS7wPleF_Z6dxle6nXEuUIESe6-LkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my-tqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd_-R_tBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY-QKSlnDgVPz4ghOzxCR1wjtK2-pmujeyKkgh0R9ap81LmdpOwga0%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad1.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
ffa0f66496acdc68d7616dc3302c9e7a30713143df54a5ff4f9824a243a538fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date
Fri, 22 Dec 2023 12:08:37 +0100
cache-control
max-age=600
content-encoding
gzip
content-type
application/x-javascript
server
ADITIONSERVER v1.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EEEE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
79076
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 13:10:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EEEE 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 09:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
6907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 05 Jan 2024 09:13:30 GMT
l
www.google.com/ads/measurement/ Frame EEEE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSw0L4mfL4RAzjc5gXs-cE2gsa2Uxpwi_AAluwFKNayJtdsAlpEUJIF85MYfnjiA02FjVdoSOxOD_Y6KAjEt3HF970zAA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EEEE 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 11:08:37 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6F7F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
79076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F5B5 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhinu4KCAjAB&v=APEucNW8E4TWHNBUvmsHOBDGnmCrbcq3W_0-AHlZKeLiwUlHV0KbxL7keeN0jQh7_LxcAuF4TZ6C32X6bxPY9WnyQr3wnSFWac6JcK5-s5sUJrS3ysn0zgbbH5cF9xbARB5OVxI-Z6FSWqmosVRIg-gTrYAdUm54gucbP3vppILlUYpxvGLj-cI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2B4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuck7V7IG_lhWPyK4xH9roP_vtoCH5JzLI0EZP5MEj-Ffp9xx0phv0i-ix-psQgI8kY0JpZUWGA6Cs-G8RNgbin78O_vdy3Y25jUT89JV0C3fKcgATCe0zauqFzUUhqHDxi0p2INsZJJXs2ByEm4I8JkFBUnlZfXGxW5pEIz8dbJTP2EIYxRDPjlIRNPOMvNPw-gS06GuhmpKP2Pf0nmlReQyuSXl-5l1-_xWGtKQcluyFZJfaNjBxqV5Upbro8GNg5Y6pYwZ4iQUr0UegVFMZnTWLGx4W25W2_9mjcD6o01kYKlqvVZbY_fuug4VrgRwVg2FOeAY4pfigdLFDtISQgli-S77Iif7Baf4DhUcSgsMcHB9ku7zxJalaCL1ze10B-ofMMtzVplbJ8u_fBEYl9&sai=AMfl-YSN6RgZ7n6Is48i6yU158601K65GByxU1H1ZsX71r6iU6GXq22lzq2-oKiEu7F_w5CQOVdNXh0wiY7DMCk&sig=Cg0ArKJSzJrK0xf32blNEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:08:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2B4A 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6eefbd6f1f1f64525a0f0e69c4b0c0a08e76c1c0ad63361a28f0b920f58b5b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12001
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 75E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3110114821779197&rc=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E573 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1391495508145524&rc=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C947 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:08:37 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9AB0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
79076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
rum
dsum-sec.casalemedia.com/ Frame F5B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOB6X_aeJuUOfG9Onm0R3s0&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOB6X_aeJuUOfG9Onm0R3s0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhinu4KCAjAB&v=APEucNW8E4TWHNBUvmsHOBDGnmCrbcq3W_0-AHlZKeLiwUlHV0KbxL7keeN0jQh7_LxcAuF4TZ6C32X6bxPY9WnyQr3wnSFWac6JcK5-s5sUJrS3ysn0zgbbH5cF9xbARB5OVxI-Z6FSWqmosVRIg-gTrYAdUm54gucbP3vppILlUYpxvGLj-cI
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9LDD%2FBn23IvHQJhBf5JpNLLViOFdtmnza5UZ1BGw50rOiIM7MRmYodbHiwY8CUX6F3z%2FTjXvqcnsffha1a%2Bw7M39%2BOLnzNw3ukDldB%2BewbLsZk1XJ6xnzHpyjgr6aTOHRihYOJlcFSSWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8397e8701f5539f1-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOB6X_aeJuUOfG9Onm0R3s0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F5B5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYVuNdj6lz.BI-UQGyJDswAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOB6X_aeJuUOfG9Onm0R3s0&google_cver=1&google_hm=2
43 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOB6X_aeJuUOfG9Onm0R3s0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhinu4KCAjAB&v=APEucNW8E4TWHNBUvmsHOBDGnmCrbcq3W_0-AHlZKeLiwUlHV0KbxL7keeN0jQh7_LxcAuF4TZ6C32X6bxPY9WnyQr3wnSFWac6JcK5-s5sUJrS3ysn0zgbbH5cF9xbARB5OVxI-Z6FSWqmosVRIg-gTrYAdUm54gucbP3vppILlUYpxvGLj-cI
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7I9zYZh8fGMGnbUWqcq1g075aTInr5pWvhpfthVr1C4e9FrTDBgYu1GGxivx%2BrYiIsaUsclAeasWc%2BOh5JOO5NjUSpWAPjmLWmMPcS9fkaD6nEljUE1II3fasoyt0wBRvprrdTQiOb6LOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8397e8706fb839f1-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOB6X_aeJuUOfG9Onm0R3s0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F5B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUirdPfq_QMPzgANQqLLw&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUirdPfq_QMPzgANQqLLw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhinu4KCAjAB&v=APEucNW8E4TWHNBUvmsHOBDGnmCrbcq3W_0-AHlZKeLiwUlHV0KbxL7keeN0jQh7_LxcAuF4TZ6C32X6bxPY9WnyQr3wnSFWac6JcK5-s5sUJrS3ysn0zgbbH5cF9xbARB5OVxI-Z6FSWqmosVRIg-gTrYAdUm54gucbP3vppILlUYpxvGLj-cI
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
an-x-request-uuid
01064532-8f80-40e2-a1b6-defc222a3550
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.136; 178.162.209.136; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBdUirdPfq_QMPzgANQqLLw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F5B5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxNTIwODgyMTk2NDQzOTQzNw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxNTIwODgyMTk2NDQzOTQzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhinu4KCAjAB&v=APEucNW8E4TWHNBUvmsHOBDGnmCrbcq3W_0-AHlZKeLiwUlHV0KbxL7keeN0jQh7_LxcAuF4TZ6C32X6bxPY9WnyQr3wnSFWac6JcK5-s5sUJrS3ysn0zgbbH5cF9xbARB5OVxI-Z6FSWqmosVRIg-gTrYAdUm54gucbP3vppILlUYpxvGLj-cI
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
an-x-request-uuid
4f02e71d-ebe2-472b-b4cd-e912e4e77d1f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjUxNTIwODgyMTk2NDQzOTQzNw%3D%3D
x-proxy-origin
178.162.209.136; 178.162.209.136; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2B4A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:08:37 GMT
generate_204
tpc.googlesyndication.com/ Frame 6F7F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_HjZjw
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame EEEE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5503367077075&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EEEE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5503367077075&version=m202309260101&ct=77&x=1&cor=13968835423680377000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EEEE 		34 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2omtI7VSUUc2ica61ogEiCN7QAG6PE0Z16XVZRrzW_9ShY-rRNBdYENJvCwuF5pvRFk4DYkKe91ASd-ngTgzkPIh1mQYIfMqwbh8s0mMZDJCf32jUARSGOwAyJOGHGkhDCljF5foxRdJPG94PFCoNmS0FCv2CexPPGOmceeStqMMH7HU&cry=1&dbm_d=AKAmf-AICGgPuqiUSqPqyqVvH8PG5RzOgL-4Cqa1wW1qB5wfZxdHBEpFwgpxiG5i2ZoAQRg_Yq6s1th5X-WIcGk7dLo_FH7oYCK3xcnbmKwxNamfzK3G289dSq-Ns4tDR7mifp3BPUw7intM_W5MZw_cR6clTSSVh-w7iYsAY2NQ_jiLZ9TBlT9bP_G7BI_Elm6B6TryBRoZH5N_XxCrk_v9D6GqRH-j6l2UtKLmYZk9SAPSFs_f23RVOKAOjL7skLUXzV6nU7OmvVgB4tadrgMP0FbIeWnEce7ksfcZY72MilfUuxQRGREqAwEr6PsJK_wuZ6HKJmXTaR-NVJN-H032VK3sxEacTY9BjQGS55kjNdtYZxNs9kXqKK233Gd8Qlar-a-Ir2Ea05TiX74OtDmUR9h52VJzG9il5-0lnmuvxRCqR4FMrNTO4HoQkrXRIpqZpuf3fTXCwQRhKL1MEMJZWKLfQptfpTzqpbuT4Xaq4DL9DStfDbyuZ5-dnEbVbpX45Z0_znZhyeQETixA2r2oSEd_-_givcaIGA3TQ6ZEvoc5Ohenx9KzawEN-VytW1_dk9TOUeC7sjDgbJKBZmN8bh6iKNUjuDosLbAnj23gnV_kKableh9HDKISkC-GdHMJqqKS4MGlsw0tl9E28ad9qVjW7ci2Wcl2L7UhSR_3aeN23aoWnR0eX99X55wnp8fz8xCO3lvy0ojNds2cyQe6wvcop45RIn35eDPG7JLTT81uxWyrs4DEVXAWdnI9Op-k-kFw2K_242kVMEahokucK1ySCRo0F31duqK15d_4fJjQ56gI860Ietsq5A4iz4oQjNdUlVfB6etyH6oojvFm8YoPqVNOLz2u001DHRcdk4gYYGZjvu1tYmRwAvRsHtrV2irNnT0-gDgfBn6tI_lANGKucHrF10RVRK7cuiFkgCiegaxruPLvpw1Qe7ySIQbxuwiSjyp3kAIEgHrhjsZB23iHdJ22Q0yVmg8T7I5IhY7lcIygIQkvxhNAGEwx9w83VfX6Z-2Qgc5BqKxT5nNBO792ZxJs0ogHttDvS6wg0cZMp58iA70ZJwCY-hRPO2_cXCiNTq6cgOQaZX-jVrDcSNOG0JBNjxJ9RW3bCvDbUeXFnaIj0b_qLvzNvYrrJLc_bQxlSI8dq4-E6tmd_g6yoYIhzvYnsWv8ydMa6WK6qJVmBZUa6KbfQe1Av68LVU4wOkwOmhlqLnxJsEkmJ8D76pdeZDUIVoaV_Qf3sP49ULRUf4uJRsQa-RfF47KuvS8NrVRz1nacbSNwo1XjzX2SkTkAiZGsKbNwJapEu4Zas51ul9qxblCE9-cDnUHAW8FxnYaX7y2Q_6mzy-8EEOEJEirgzjInnglEtWYXcW39ZhuI7NBm7e5kEoz9M0deK_umYbZ4F3EarJbm_83qI1vSumyrCmEbviG5ImElnuBKJqSpIPXNqJwujKDIElyWr0g9sYeaSmj4MbqEwBAHWOXM_Ug-vfA6STTmy_3hmXgooS6x-iIfOyh6DklJ0wZw6Q1wB44yEPWdPjGFOkZfAe9t4Cg2XFNNcNDH913vI6WCkyqXV7AQ4PE5xDDRu93pzUODOQVV8cHh1H4PF4R2n-DDNCCqfyC3sWW9JW6-p_FCTW7bv9OZ2MJE3EiDSuRNKD67IJtC3rZ6qvTYmHc5wt24_BIrZtOBe6Fk2CFKFi1i-jq4eHeLAXFE6P_sCyYPEWYlzFmerCr_0K9tOgFlFCw5Z2STpVkTC3JwRlXp26SyH7qpHnuyHrwtafgWlSAoEmvEe8C2OAkzsd2Dz3OSrZrXQFOCFDTAEaxSclAg13bUpY8LflOXm7n6lERKhx9XWxzAtAQPs_pzfNnpw0_5t18GW7HBpyj1VgSzl1QOYu4168waL038tYzkPvRiG98hfTqeNh-WZUse_4h584g52DQdVSI_fmhlyG79cD2tC7kyqc-TQP2bDbqGEYTv_CpCfh7EdG1tpaYPu4Bko56h4Gz1Dllo7fFG6YBYy9UC3V8nu6RiWmXDdlX0Ecjcjgvz6EZSHkUUV6br8GyxQAm9j_0ZJMTtV0pjfIC2_PXraaFJlI4RSrItMlAzdb0kthNvy-hbWermEbS64ikICIq-wvhOxrhMYExfLgobqx0YqBMrw_5CeT5Up1vIzLWYPiTGGF_Dd7F6bOjoAQJ8vG10mNhwOepOAmXCJ4AM4S2prAt8SBfw9HDr4QXd56I6cfgvC5Isj0oMSr4kxDAzrW-9pDN4PVgMGRs9NeAZG58Gx_gz8doJtlGAJ8ftKBliqJrSM8WVJYACbYtlWJid-tWntyO5wEVad9DOkAxA5_b6qf_2Ufbj1giRmA4xdUatqwrkYfx1mFYVa8uHUzpVzDxM7z-Rtpb5fjWwkaTn11-l1WR8EWkFtgbKIoXBuHpA7i0eMjkHxrow5R4Gd80SYpAzH5xhCsWNO_zHDnwXZINt-IaeUcTfXkrvN8Zf6vq_-_ULAir7pY8BsYD6JpfO8fyY_-gpDeMOpxbdix6jsqXE3eoTNypcRDjODotMLfOh_do7eoQ7zY40mwJ9V7IG5stiV5KC5TMpVXFI6M3KlUYFmu8vCP3hPPeBgCW7_W7VJkthPmxa295RIQGJkO7Z0dSuwH13Hz-dZpOy3a0p1uQlOA_bhI01V18r1vm_fvnD8IiZEcNtIbCUnd2H_piMmpAD4M98rnzHlQbGP60ZF2rITQfzajRX7n3B-8NKCjdxM8FKAZ727RWhLTaXBfzVir7o9h9eabgPNSC03w_Kxbh4OrUp3dE5gfc-XWvL9xMSk01PgQBJLkA378EDbmim4coR0ea_DbZd2R8oq_ULAjvHTdOrRZ1K8-47F3QUctwDGDUiz1HAKs5wsge-kMb2aSawyNsCsbYYuvJt5lylH1MEK2Q659FV1LKWmRGZLW7q8A-I_aepw4XV7gp6uu5KAdEWz05bFAH2voTgZuvoeoOUkeeCvRKpfaTwYCJdc3-urBdRW3iwIjLyr9M-Hke3o5GZjx_WsrwgQZHJAkx7ga1pogRFsZb93iEBI3fMQ50LcRjXGsJiJZRB7WSrfYYbIx0cd9Xnd2CARAw83hlN3YGI1dmafwrk_1brgHcvRGDduKQhaH8AU2tRqhd45m5fX0rSwrq3vDozKh4Tyy6CBDMSfFY3MR2IgcDCEnMSFQLnJZIz6HMXRsWgjZMAefAUW6rLehG3ChjPgbVXZRH7qZ3Au1fbzNRCIMN19vtB-FNIw0LksLUbIe36PkEZZ6YwnKrTcv2f843bXMGgAVLScfHbEtvZIpAkBjfH_OCWfGI3UTlzCzfzOI-pSR0GxJwUJwpCFXECuIilRhggywTlH4j3m2i8ij4y-gEANFnhrstyEXdNiiyTX3AiOFz8anudp7aTXW8X4Q5XnnkCWC7n7jGJj55XvoyWpkB-ZomNXX3NodA0Mb8MMK2-5ImOo_t60c7oY6cxaA5NgdK0Z_i6KJR_tBFxosjszOtKiouOZRX1k88epmexCO_nASuJDEGeSImHIcOeRjeWpRJ_2JaQXxTU1oTBLZzOz7IpxGfsgka7mIto_vX0UCKyYX3Jhze9GjkPI8LVBxL5uk9PxgAouUy_z0H_TFehHg7OOS8vJhYWXB81cQqaN3cc1jKADEPv4p70CesAVcBtXrb7VldAwfpJFRojuUawTdBn9edcK-O1zg-5brpwymKrFF7-jUSQhaoXW2NwELZiIbhKlcx4LST-z0QHdUtuGEuG67g&cid=CAQSKQAvHhf_C0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=13968835423680377000&adk=1761367584&idt=134&cac=0&dtd=32
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a131fc01b268534108bfc3fd57f94b172a372eb49e1f2adc641947709770735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19822
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 60BA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2140
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:32:57 GMT
expires
Sat, 21 Dec 2024 10:32:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 10DB 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
204fdb307e6f9f36d07bfbb9894e5077b99139be3781867d8b06e08e9c247824
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BxA6Yb7Aihf0mAE1RfxAdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BxA6Yb7Aihf0mAE1RfxAdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:37 GMT
expires
Fri, 22 Dec 2023 11:08:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 9AB0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HePXBw
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2192 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2140
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:32:57 GMT
expires
Sat, 21 Dec 2024 10:32:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0F71 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cae2bc80669a8710661c20b014851082bfb04dfb11b7a1e24aee2d45b1a09aeb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_zTq0iZupARRCoBIBTZFoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_zTq0iZupARRCoBIBTZFoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:37 GMT
expires
Fri, 22 Dec 2023 11:08:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 10DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1177456641719290&rc=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 60BA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
79076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 2192 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
79076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0F71 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3790887298648475&rc=
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 60BA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ylbXzA
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 2192 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?U2XkKw
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame EEEE 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2omtI7VSUUc2ica61ogEiCN7QAG6PE0Z16XVZRrzW_9ShY-rRNBdYENJvCwuF5pvRFk4DYkKe91ASd-ngTgzkPIh1mQYIfMqwbh8s0mMZDJCf32jUARSGOwAyJOGHGkhDCljF5foxRdJPG94PFCoNmS0FCv2CexPPGOmceeStqMMH7HU&cry=1&dbm_d=AKAmf-AICGgPuqiUSqPqyqVvH8PG5RzOgL-4Cqa1wW1qB5wfZxdHBEpFwgpxiG5i2ZoAQRg_Yq6s1th5X-WIcGk7dLo_FH7oYCK3xcnbmKwxNamfzK3G289dSq-Ns4tDR7mifp3BPUw7intM_W5MZw_cR6clTSSVh-w7iYsAY2NQ_jiLZ9TBlT9bP_G7BI_Elm6B6TryBRoZH5N_XxCrk_v9D6GqRH-j6l2UtKLmYZk9SAPSFs_f23RVOKAOjL7skLUXzV6nU7OmvVgB4tadrgMP0FbIeWnEce7ksfcZY72MilfUuxQRGREqAwEr6PsJK_wuZ6HKJmXTaR-NVJN-H032VK3sxEacTY9BjQGS55kjNdtYZxNs9kXqKK233Gd8Qlar-a-Ir2Ea05TiX74OtDmUR9h52VJzG9il5-0lnmuvxRCqR4FMrNTO4HoQkrXRIpqZpuf3fTXCwQRhKL1MEMJZWKLfQptfpTzqpbuT4Xaq4DL9DStfDbyuZ5-dnEbVbpX45Z0_znZhyeQETixA2r2oSEd_-_givcaIGA3TQ6ZEvoc5Ohenx9KzawEN-VytW1_dk9TOUeC7sjDgbJKBZmN8bh6iKNUjuDosLbAnj23gnV_kKableh9HDKISkC-GdHMJqqKS4MGlsw0tl9E28ad9qVjW7ci2Wcl2L7UhSR_3aeN23aoWnR0eX99X55wnp8fz8xCO3lvy0ojNds2cyQe6wvcop45RIn35eDPG7JLTT81uxWyrs4DEVXAWdnI9Op-k-kFw2K_242kVMEahokucK1ySCRo0F31duqK15d_4fJjQ56gI860Ietsq5A4iz4oQjNdUlVfB6etyH6oojvFm8YoPqVNOLz2u001DHRcdk4gYYGZjvu1tYmRwAvRsHtrV2irNnT0-gDgfBn6tI_lANGKucHrF10RVRK7cuiFkgCiegaxruPLvpw1Qe7ySIQbxuwiSjyp3kAIEgHrhjsZB23iHdJ22Q0yVmg8T7I5IhY7lcIygIQkvxhNAGEwx9w83VfX6Z-2Qgc5BqKxT5nNBO792ZxJs0ogHttDvS6wg0cZMp58iA70ZJwCY-hRPO2_cXCiNTq6cgOQaZX-jVrDcSNOG0JBNjxJ9RW3bCvDbUeXFnaIj0b_qLvzNvYrrJLc_bQxlSI8dq4-E6tmd_g6yoYIhzvYnsWv8ydMa6WK6qJVmBZUa6KbfQe1Av68LVU4wOkwOmhlqLnxJsEkmJ8D76pdeZDUIVoaV_Qf3sP49ULRUf4uJRsQa-RfF47KuvS8NrVRz1nacbSNwo1XjzX2SkTkAiZGsKbNwJapEu4Zas51ul9qxblCE9-cDnUHAW8FxnYaX7y2Q_6mzy-8EEOEJEirgzjInnglEtWYXcW39ZhuI7NBm7e5kEoz9M0deK_umYbZ4F3EarJbm_83qI1vSumyrCmEbviG5ImElnuBKJqSpIPXNqJwujKDIElyWr0g9sYeaSmj4MbqEwBAHWOXM_Ug-vfA6STTmy_3hmXgooS6x-iIfOyh6DklJ0wZw6Q1wB44yEPWdPjGFOkZfAe9t4Cg2XFNNcNDH913vI6WCkyqXV7AQ4PE5xDDRu93pzUODOQVV8cHh1H4PF4R2n-DDNCCqfyC3sWW9JW6-p_FCTW7bv9OZ2MJE3EiDSuRNKD67IJtC3rZ6qvTYmHc5wt24_BIrZtOBe6Fk2CFKFi1i-jq4eHeLAXFE6P_sCyYPEWYlzFmerCr_0K9tOgFlFCw5Z2STpVkTC3JwRlXp26SyH7qpHnuyHrwtafgWlSAoEmvEe8C2OAkzsd2Dz3OSrZrXQFOCFDTAEaxSclAg13bUpY8LflOXm7n6lERKhx9XWxzAtAQPs_pzfNnpw0_5t18GW7HBpyj1VgSzl1QOYu4168waL038tYzkPvRiG98hfTqeNh-WZUse_4h584g52DQdVSI_fmhlyG79cD2tC7kyqc-TQP2bDbqGEYTv_CpCfh7EdG1tpaYPu4Bko56h4Gz1Dllo7fFG6YBYy9UC3V8nu6RiWmXDdlX0Ecjcjgvz6EZSHkUUV6br8GyxQAm9j_0ZJMTtV0pjfIC2_PXraaFJlI4RSrItMlAzdb0kthNvy-hbWermEbS64ikICIq-wvhOxrhMYExfLgobqx0YqBMrw_5CeT5Up1vIzLWYPiTGGF_Dd7F6bOjoAQJ8vG10mNhwOepOAmXCJ4AM4S2prAt8SBfw9HDr4QXd56I6cfgvC5Isj0oMSr4kxDAzrW-9pDN4PVgMGRs9NeAZG58Gx_gz8doJtlGAJ8ftKBliqJrSM8WVJYACbYtlWJid-tWntyO5wEVad9DOkAxA5_b6qf_2Ufbj1giRmA4xdUatqwrkYfx1mFYVa8uHUzpVzDxM7z-Rtpb5fjWwkaTn11-l1WR8EWkFtgbKIoXBuHpA7i0eMjkHxrow5R4Gd80SYpAzH5xhCsWNO_zHDnwXZINt-IaeUcTfXkrvN8Zf6vq_-_ULAir7pY8BsYD6JpfO8fyY_-gpDeMOpxbdix6jsqXE3eoTNypcRDjODotMLfOh_do7eoQ7zY40mwJ9V7IG5stiV5KC5TMpVXFI6M3KlUYFmu8vCP3hPPeBgCW7_W7VJkthPmxa295RIQGJkO7Z0dSuwH13Hz-dZpOy3a0p1uQlOA_bhI01V18r1vm_fvnD8IiZEcNtIbCUnd2H_piMmpAD4M98rnzHlQbGP60ZF2rITQfzajRX7n3B-8NKCjdxM8FKAZ727RWhLTaXBfzVir7o9h9eabgPNSC03w_Kxbh4OrUp3dE5gfc-XWvL9xMSk01PgQBJLkA378EDbmim4coR0ea_DbZd2R8oq_ULAjvHTdOrRZ1K8-47F3QUctwDGDUiz1HAKs5wsge-kMb2aSawyNsCsbYYuvJt5lylH1MEK2Q659FV1LKWmRGZLW7q8A-I_aepw4XV7gp6uu5KAdEWz05bFAH2voTgZuvoeoOUkeeCvRKpfaTwYCJdc3-urBdRW3iwIjLyr9M-Hke3o5GZjx_WsrwgQZHJAkx7ga1pogRFsZb93iEBI3fMQ50LcRjXGsJiJZRB7WSrfYYbIx0cd9Xnd2CARAw83hlN3YGI1dmafwrk_1brgHcvRGDduKQhaH8AU2tRqhd45m5fX0rSwrq3vDozKh4Tyy6CBDMSfFY3MR2IgcDCEnMSFQLnJZIz6HMXRsWgjZMAefAUW6rLehG3ChjPgbVXZRH7qZ3Au1fbzNRCIMN19vtB-FNIw0LksLUbIe36PkEZZ6YwnKrTcv2f843bXMGgAVLScfHbEtvZIpAkBjfH_OCWfGI3UTlzCzfzOI-pSR0GxJwUJwpCFXECuIilRhggywTlH4j3m2i8ij4y-gEANFnhrstyEXdNiiyTX3AiOFz8anudp7aTXW8X4Q5XnnkCWC7n7jGJj55XvoyWpkB-ZomNXX3NodA0Mb8MMK2-5ImOo_t60c7oY6cxaA5NgdK0Z_i6KJR_tBFxosjszOtKiouOZRX1k88epmexCO_nASuJDEGeSImHIcOeRjeWpRJ_2JaQXxTU1oTBLZzOz7IpxGfsgka7mIto_vX0UCKyYX3Jhze9GjkPI8LVBxL5uk9PxgAouUy_z0H_TFehHg7OOS8vJhYWXB81cQqaN3cc1jKADEPv4p70CesAVcBtXrb7VldAwfpJFRojuUawTdBn9edcK-O1zg-5brpwymKrFF7-jUSQhaoXW2NwELZiIbhKlcx4LST-z0QHdUtuGEuG67g&cid=CAQSKQAvHhf_C0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=13968835423680377000&adk=1761367584&idt=134&cac=0&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 20:42:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
51971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 20:42:27 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame EEEE 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2omtI7VSUUc2ica61ogEiCN7QAG6PE0Z16XVZRrzW_9ShY-rRNBdYENJvCwuF5pvRFk4DYkKe91ASd-ngTgzkPIh1mQYIfMqwbh8s0mMZDJCf32jUARSGOwAyJOGHGkhDCljF5foxRdJPG94PFCoNmS0FCv2CexPPGOmceeStqMMH7HU&cry=1&dbm_d=AKAmf-AICGgPuqiUSqPqyqVvH8PG5RzOgL-4Cqa1wW1qB5wfZxdHBEpFwgpxiG5i2ZoAQRg_Yq6s1th5X-WIcGk7dLo_FH7oYCK3xcnbmKwxNamfzK3G289dSq-Ns4tDR7mifp3BPUw7intM_W5MZw_cR6clTSSVh-w7iYsAY2NQ_jiLZ9TBlT9bP_G7BI_Elm6B6TryBRoZH5N_XxCrk_v9D6GqRH-j6l2UtKLmYZk9SAPSFs_f23RVOKAOjL7skLUXzV6nU7OmvVgB4tadrgMP0FbIeWnEce7ksfcZY72MilfUuxQRGREqAwEr6PsJK_wuZ6HKJmXTaR-NVJN-H032VK3sxEacTY9BjQGS55kjNdtYZxNs9kXqKK233Gd8Qlar-a-Ir2Ea05TiX74OtDmUR9h52VJzG9il5-0lnmuvxRCqR4FMrNTO4HoQkrXRIpqZpuf3fTXCwQRhKL1MEMJZWKLfQptfpTzqpbuT4Xaq4DL9DStfDbyuZ5-dnEbVbpX45Z0_znZhyeQETixA2r2oSEd_-_givcaIGA3TQ6ZEvoc5Ohenx9KzawEN-VytW1_dk9TOUeC7sjDgbJKBZmN8bh6iKNUjuDosLbAnj23gnV_kKableh9HDKISkC-GdHMJqqKS4MGlsw0tl9E28ad9qVjW7ci2Wcl2L7UhSR_3aeN23aoWnR0eX99X55wnp8fz8xCO3lvy0ojNds2cyQe6wvcop45RIn35eDPG7JLTT81uxWyrs4DEVXAWdnI9Op-k-kFw2K_242kVMEahokucK1ySCRo0F31duqK15d_4fJjQ56gI860Ietsq5A4iz4oQjNdUlVfB6etyH6oojvFm8YoPqVNOLz2u001DHRcdk4gYYGZjvu1tYmRwAvRsHtrV2irNnT0-gDgfBn6tI_lANGKucHrF10RVRK7cuiFkgCiegaxruPLvpw1Qe7ySIQbxuwiSjyp3kAIEgHrhjsZB23iHdJ22Q0yVmg8T7I5IhY7lcIygIQkvxhNAGEwx9w83VfX6Z-2Qgc5BqKxT5nNBO792ZxJs0ogHttDvS6wg0cZMp58iA70ZJwCY-hRPO2_cXCiNTq6cgOQaZX-jVrDcSNOG0JBNjxJ9RW3bCvDbUeXFnaIj0b_qLvzNvYrrJLc_bQxlSI8dq4-E6tmd_g6yoYIhzvYnsWv8ydMa6WK6qJVmBZUa6KbfQe1Av68LVU4wOkwOmhlqLnxJsEkmJ8D76pdeZDUIVoaV_Qf3sP49ULRUf4uJRsQa-RfF47KuvS8NrVRz1nacbSNwo1XjzX2SkTkAiZGsKbNwJapEu4Zas51ul9qxblCE9-cDnUHAW8FxnYaX7y2Q_6mzy-8EEOEJEirgzjInnglEtWYXcW39ZhuI7NBm7e5kEoz9M0deK_umYbZ4F3EarJbm_83qI1vSumyrCmEbviG5ImElnuBKJqSpIPXNqJwujKDIElyWr0g9sYeaSmj4MbqEwBAHWOXM_Ug-vfA6STTmy_3hmXgooS6x-iIfOyh6DklJ0wZw6Q1wB44yEPWdPjGFOkZfAe9t4Cg2XFNNcNDH913vI6WCkyqXV7AQ4PE5xDDRu93pzUODOQVV8cHh1H4PF4R2n-DDNCCqfyC3sWW9JW6-p_FCTW7bv9OZ2MJE3EiDSuRNKD67IJtC3rZ6qvTYmHc5wt24_BIrZtOBe6Fk2CFKFi1i-jq4eHeLAXFE6P_sCyYPEWYlzFmerCr_0K9tOgFlFCw5Z2STpVkTC3JwRlXp26SyH7qpHnuyHrwtafgWlSAoEmvEe8C2OAkzsd2Dz3OSrZrXQFOCFDTAEaxSclAg13bUpY8LflOXm7n6lERKhx9XWxzAtAQPs_pzfNnpw0_5t18GW7HBpyj1VgSzl1QOYu4168waL038tYzkPvRiG98hfTqeNh-WZUse_4h584g52DQdVSI_fmhlyG79cD2tC7kyqc-TQP2bDbqGEYTv_CpCfh7EdG1tpaYPu4Bko56h4Gz1Dllo7fFG6YBYy9UC3V8nu6RiWmXDdlX0Ecjcjgvz6EZSHkUUV6br8GyxQAm9j_0ZJMTtV0pjfIC2_PXraaFJlI4RSrItMlAzdb0kthNvy-hbWermEbS64ikICIq-wvhOxrhMYExfLgobqx0YqBMrw_5CeT5Up1vIzLWYPiTGGF_Dd7F6bOjoAQJ8vG10mNhwOepOAmXCJ4AM4S2prAt8SBfw9HDr4QXd56I6cfgvC5Isj0oMSr4kxDAzrW-9pDN4PVgMGRs9NeAZG58Gx_gz8doJtlGAJ8ftKBliqJrSM8WVJYACbYtlWJid-tWntyO5wEVad9DOkAxA5_b6qf_2Ufbj1giRmA4xdUatqwrkYfx1mFYVa8uHUzpVzDxM7z-Rtpb5fjWwkaTn11-l1WR8EWkFtgbKIoXBuHpA7i0eMjkHxrow5R4Gd80SYpAzH5xhCsWNO_zHDnwXZINt-IaeUcTfXkrvN8Zf6vq_-_ULAir7pY8BsYD6JpfO8fyY_-gpDeMOpxbdix6jsqXE3eoTNypcRDjODotMLfOh_do7eoQ7zY40mwJ9V7IG5stiV5KC5TMpVXFI6M3KlUYFmu8vCP3hPPeBgCW7_W7VJkthPmxa295RIQGJkO7Z0dSuwH13Hz-dZpOy3a0p1uQlOA_bhI01V18r1vm_fvnD8IiZEcNtIbCUnd2H_piMmpAD4M98rnzHlQbGP60ZF2rITQfzajRX7n3B-8NKCjdxM8FKAZ727RWhLTaXBfzVir7o9h9eabgPNSC03w_Kxbh4OrUp3dE5gfc-XWvL9xMSk01PgQBJLkA378EDbmim4coR0ea_DbZd2R8oq_ULAjvHTdOrRZ1K8-47F3QUctwDGDUiz1HAKs5wsge-kMb2aSawyNsCsbYYuvJt5lylH1MEK2Q659FV1LKWmRGZLW7q8A-I_aepw4XV7gp6uu5KAdEWz05bFAH2voTgZuvoeoOUkeeCvRKpfaTwYCJdc3-urBdRW3iwIjLyr9M-Hke3o5GZjx_WsrwgQZHJAkx7ga1pogRFsZb93iEBI3fMQ50LcRjXGsJiJZRB7WSrfYYbIx0cd9Xnd2CARAw83hlN3YGI1dmafwrk_1brgHcvRGDduKQhaH8AU2tRqhd45m5fX0rSwrq3vDozKh4Tyy6CBDMSfFY3MR2IgcDCEnMSFQLnJZIz6HMXRsWgjZMAefAUW6rLehG3ChjPgbVXZRH7qZ3Au1fbzNRCIMN19vtB-FNIw0LksLUbIe36PkEZZ6YwnKrTcv2f843bXMGgAVLScfHbEtvZIpAkBjfH_OCWfGI3UTlzCzfzOI-pSR0GxJwUJwpCFXECuIilRhggywTlH4j3m2i8ij4y-gEANFnhrstyEXdNiiyTX3AiOFz8anudp7aTXW8X4Q5XnnkCWC7n7jGJj55XvoyWpkB-ZomNXX3NodA0Mb8MMK2-5ImOo_t60c7oY6cxaA5NgdK0Z_i6KJR_tBFxosjszOtKiouOZRX1k88epmexCO_nASuJDEGeSImHIcOeRjeWpRJ_2JaQXxTU1oTBLZzOz7IpxGfsgka7mIto_vX0UCKyYX3Jhze9GjkPI8LVBxL5uk9PxgAouUy_z0H_TFehHg7OOS8vJhYWXB81cQqaN3cc1jKADEPv4p70CesAVcBtXrb7VldAwfpJFRojuUawTdBn9edcK-O1zg-5brpwymKrFF7-jUSQhaoXW2NwELZiIbhKlcx4LST-z0QHdUtuGEuG67g&cid=CAQSKQAvHhf_C0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xgcartoon.com&ds=l&xdt=1&iif=1&cor=13968835423680377000&adk=1761367584&idt=134&cac=0&dtd=32
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
249562
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Dec 2024 13:49:16 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzI0MzMxNzg0MjYwOQogIHNlcnZlcl9pcDogMTI2MDY3NzA1CiAgcHJvY2Vzc19pZDogMjA2Mzc1NTc5Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTE0MDg3...
ad.doubleclick.net/ddm/activity/ Frame EEEE 		0
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzI0MzMxNzg0MjYwOQogIHNlcnZlcl9pcDogMTI2MDY3NzA1CiAgcHJvY2Vzc19pZDogMjA2Mzc1NTc5Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTE0MDg3MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vYWxkaXRhbGsuZGUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogODI3MjkzNjU3MTYzMTQ2NDAzNApkZWJ1Z19rZXk6IDkxMDk0Nzc0Mzc1NDYyMjgyNjgKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTIyIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTExNDA4NzMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODQzODA1MDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDczOTkyMDQ0MQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDg3NDE5MjQyMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDU0MTEwNTU3NQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hbGRpdGFsay5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:38 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x725a8d6cbaab3e6d0000000000000000","13":"0xd267d4e6bc9f73f50000000000000000","14":"0xcf8811bbef8974fb0000000000000000","15":"0xc8b33b399ec7e3020000000000000000"},"debug_key":"9109477437546228268","debug_reporting":true,"destination":"https://alditalk.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11140873"]},"priority":"0","source_event_id":"8272936571631464034"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
banner
ad1.adfarm1.adition.com/ Frame EEEE 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad1.adfarm1.adition.com/banner?sid=4745915&adjsver=3&fvers=&iframe=1&ref=https%3A//1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/&ro=https%3A//googleads.g.doubleclick.net/pagead/ads%3Fclient%3Dca-pub-5884294479391638%26output%3Dhtml%26h%3D90%26slotname%3D3654094576%26adk%3D1418711512%26adf%3D3173046728%26pi%3Dt.ma%7Eas.3654094576%26w%3D728%26url%3Dhttps%253A%252F%252Fwww.xgcartoon.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703243316674%26bpp%3D204%26bdt%3D190%26idt%3D527%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D5%26saldr%3Dsd%26is_amp%3D1%26correlator%3D7208%26frm%3D24%26ife%3D3%26pv%3D2%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D728%26ish%3D0%26ifk%3D839628639%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759875%252C44759926%252C44759837%252C31079980%252C42531706%252C42532362%252C44809004%252C95320868%252C95320885%26oid%3D2%26pvsid%3D2843191572254011%26tmod%3D468978039%26uas%3D0%26nvt%3D1%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C0%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.ppk80mik3f0l%26fsb%3D1%26dtd%3D531&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/120.0.6099.109%20Safari/537.36&os=17&browser=11&userid=0&kid=6292687&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3D
Requested by
Host: ad1.adfarm1.adition.com
URL: https://ad1.adfarm1.adition.com/js?wp_id=4745915&gdpr=&gdpr_consent=&kid=6292687&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DC34q-NW6FZY2NEsHMtOUPjP-i0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU_QZRP-x2gJTbAjKWN-zvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w-xssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv_00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2_xDbq1qGt3DCAOs54fd-6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE_nVdEE6Up_aXTHNGO0mg4dx02iT-cn_cdNW_KvO_gevljnje-mP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB_Tz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5_OigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf_C0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64_3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca-pub-5884294479391638%26dbm_c%3DAKAmf-CWZJpcIW2qF4B_BqNrJqCNH9YdKZZgAPjyOiMq1jpLWp-r2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH_a-PPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f_9yj2w4QKN_0lqImxgxKS6dNwN6eH3rxEARS23S7k8-WtXQMJnS0qL_J8%26cry%3D1%26dbm_d%3DAKAmf-A9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt_zcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26-g2c8nUyb-38b3VuYi3P_IldJWaD0gCaQYicxib2_D79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w_GBuCfbkNw3-vtrl3tE-5y2P1dAn4-LG_BqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV-kUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF-GSrV5A995jfS7wPleF_Z6dxle6nXEuUIESe6-LkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my-tqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd_-R_tBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY-QKSlnDgVPz4ghOzxCR1wjtK2-pmujeyKkgh0R9ap81LmdpOwga0%26adurl%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
ad1.adfarm1.adition.com
Software
ADITIONSERVER v1.0 /
Resource Hash
f3cabe65146cdf1ac4847908d22a66ef8e2163c1dbd812d7102ed939ea848287

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 12:08:38 +0100
content-encoding
gzip
server
ADITIONSERVER v1.0
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type
text/javascript
cache-control
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
index.html
imagesrv.adition.com/banners/3618/19094189/ Frame 8F3E 		39 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by
Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/detail/guangzhimeishaonv_di12jigoprincessguangzhimeishaonvriyu-dongtangquan
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
261b798a0deb97b6a88669eca66323e4ca9566fdeae94febf6ab862088119822

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
content-encoding
br
content-length
3976
content-type
text/html
date
Fri, 22 Dec 2023 11:08:38 GMT
etag
"3319167897-br"
last-modified
Wed, 20 Dec 2023 08:30:18 GMT
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E87B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Fri, 22 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EEEE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fbd85c9c9c9ff7edb84dcbfb3d6722575878d4fd275792bc721a37e257f9d9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame AA7D 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
247679
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Dec 2023 14:20:39 GMT
expires
Wed, 18 Dec 2024 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AditionH5_ClickTags.js
imagesrv.adition.com/js/ Frame 8F3E 		753 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:38 GMT
content-encoding
br
last-modified
Wed, 22 Nov 2023 10:01:14 GMT
etag
"597418985-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
330
7b21c690b6a9095a77348874fd18a51b.js
imagesrv.adition.com/banners/3618/19094189/ Frame 8F3E 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imagesrv.adition.com/banners/3618/19094189/7b21c690b6a9095a77348874fd18a51b.js
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
f988c2da4f2109029d1265f2468e55b8f926a4095700ea8a2a9ac20b67396528

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:38 GMT
content-encoding
br
last-modified
Tue, 19 Dec 2023 16:46:17 GMT
etag
"3070408724-br"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
15716
dpixel
cms.quantserve.com/ Frame E87B 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDL7a37BJwR44kpeiInt_SI&google_cver=1&google_push=AXcoOmTKx97wysFPtoTpByA0HSl2YJ4gAYmfsjYj7lkaCO9gTUlHFNvL_eZ2M4tQrNTyjYT9dFQxEnAhWTRJgzrKvCNmvfL2Z1i_7cPc26rl0Ss5dpVAJtBA67k0rtXaE6RaAuA0sYEL2YNfwQquKf9xEeE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E87B
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKTg5RICtG3ggeVhtir4BNU&google_cver=1&google_push=AXcoOmTZ_2yxgeKP2J98UWprM3-i_a0hkjF1xAhunpWH9Yu46L481D0ICxkiDVrCUsOhadr7lfqoy0pPIgOTYOcRKb3Xiyb4SGsHf8...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B78F9AFB69A9442280BDD00F76A82436&google_push=AXcoOmTZ_2yxgeKP2J98UWprM3-i_a0hkjF1xAhunpWH9Yu46L481D0ICxkiDVrCUsOhadr7lfqoy0pPIgOTYOc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B78F9AFB69A9442280BDD00F76A82436&google_push=AXcoOmTZ_2yxgeKP2J98UWprM3-i_a0hkjF1xAhunpWH9Yu46L481D0ICxkiDVrCUsOhadr7lfqoy0pPIgOTYOcRKb3Xiyb4SGsHf8CAMCUcyAEU0BeRV5Lxi3BbK03PE4SZFpDkuhrnfHW9bNnfGTdZG0Iv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 22 Dec 2023 11:08:38 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B78F9AFB69A9442280BDD00F76A82436&google_push=AXcoOmTZ_2yxgeKP2J98UWprM3-i_a0hkjF1xAhunpWH9Yu46L481D0ICxkiDVrCUsOhadr7lfqoy0pPIgOTYOcRKb3Xiyb4SGsHf8CAMCUcyAEU0BeRV5Lxi3BbK03PE4SZFpDkuhrnfHW9bNnfGTdZG0Iv
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 21 Dec 2023 11:08:38 GMT
usersync.aspx
dis.criteo.com/dis/ Frame E87B 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ9khCqs5m-GB7eUG3bjtE3MVyPwnr3pcz0zfxdwqdRV2BR5vFCvMiwCz7O9kNJyPT4n7YLPOkmA7od17XzVTOqddEZbKTMzouRIhHJ9esJj2aadibSBgaPbIWyPmeYiQs_XR6Qmhj74j0dr15Gj8Y&google_gid=CAESECnej0DpZi720Qt2y9B0EWw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:37 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
248235
expires
Fri, 22 Dec 2023 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E87B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUFjKo7vkKrZ2-7rRN3c-l1hd_bc4l5-bKN4DwWa4Oiw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046728&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703243316674&bpp=204&bdt=190&idt=527&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=7208&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=0&ifk=839628639&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079980%2C42531706%2C42532362%2C44809004%2C95320868%2C95320885&oid=2&pvsid=2843191572254011&tmod=468978039&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C0&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.ppk80mik3f0l&fsb=1&dtd=531
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
047148a6d45f8e5224b2bcb2c5fcfe6b.png
imagesrv.adition.com/banners/3618/19094189/media/ Frame 8F3E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3618/19094189/media/047148a6d45f8e5224b2bcb2c5fcfe6b.png
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
d62865bdb3303a0067669d76aa4d3a0edbc3ae79008cf2b8d15e2f203457e3c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:08:38 GMT
last-modified
Tue, 19 Dec 2023 16:52:08 GMT
accept-ranges
bytes
etag
"939390421"
content-length
4189
content-type
image/png
95e657037c7b79c807c24025a70bf116.png
imagesrv.adition.com/banners/3618/19094189/media/ Frame 8F3E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3618/19094189/media/95e657037c7b79c807c24025a70bf116.png
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
753ca84bd70fb1e841da1be2b4b7de6b807278bb6b4527f36eba859c3af420b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:08:38 GMT
last-modified
Tue, 19 Dec 2023 16:52:08 GMT
accept-ranges
bytes
etag
"1666707622"
content-length
6176
content-type
image/png
a21e5b19a8659b84cddf576778861211.png
imagesrv.adition.com/banners/3618/19094189/media/ Frame 8F3E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3618/19094189/media/a21e5b19a8659b84cddf576778861211.png
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
2c9c549b36b2d2d1698810a28e3e89c1b033bb3ed057886e7b4d26d4c6d76056

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:08:38 GMT
last-modified
Tue, 19 Dec 2023 16:52:08 GMT
accept-ranges
bytes
etag
"2270360689"
content-length
3318
content-type
image/png
550f22d965635c309227c4f1e56cfd97.svg
imagesrv.adition.com/banners/3618/19094189/media/ Frame 8F3E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3618/19094189/media/550f22d965635c309227c4f1e56cfd97.svg
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
8164a9fd10bd783e275a7d359386f4a4eddb6423ec02b367cf9b0393a6a5efc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:08:38 GMT
last-modified
Tue, 19 Dec 2023 16:52:08 GMT
accept-ranges
bytes
etag
"1582953270"
content-length
8268
content-type
image/svg+xml
578e3096730080a8af724f1a22450208.svg
imagesrv.adition.com/banners/3618/19094189/media/ Frame 8F3E 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3618/19094189/media/578e3096730080a8af724f1a22450208.svg
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
c7211b35cb0e6403546377d7a25870102eb82d1b9f817bdc1d41844011e88a93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:08:38 GMT
last-modified
Tue, 19 Dec 2023 16:32:36 GMT
accept-ranges
bytes
etag
"1411978719"
content-length
12384
content-type
image/svg+xml
de738ae4ccf34553321459da4b2a8f23.svg
imagesrv.adition.com/banners/3618/19094189/media/ Frame 8F3E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3618/19094189/media/de738ae4ccf34553321459da4b2a8f23.svg
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
f530f6332f62e984dd2bce7c2eb33b915a130e79e0a0075bf250bb7a7e823fbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:08:38 GMT
last-modified
Tue, 19 Dec 2023 16:32:37 GMT
accept-ranges
bytes
etag
"3489978854"
content-length
1868
content-type
image/svg+xml
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame AA7D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
79077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
e1f607e7b642b5e7c7577064e3f5cf34.png
imagesrv.adition.com/banners/3618/19094189/media/ Frame 8F3E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3618/19094189/media/e1f607e7b642b5e7c7577064e3f5cf34.png
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
497db998c21e65514089d554d71a0c6376d78876119d80c61024bccf96126284

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:08:38 GMT
last-modified
Tue, 19 Dec 2023 16:52:07 GMT
accept-ranges
bytes
etag
"2511637389"
content-length
5316
content-type
image/png
87efd1d510371568d679ec26885fe7b0.svg
imagesrv.adition.com/banners/3618/19094189/media/ Frame 8F3E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3618/19094189/media/87efd1d510371568d679ec26885fe7b0.svg
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
a21e5aac3e7798cca7d03ef4fc5a38752e1326423f2b99669e58dd4f105ae048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:08:38 GMT
last-modified
Tue, 19 Dec 2023 16:32:37 GMT
accept-ranges
bytes
etag
"1870257821"
content-length
5037
content-type
image/svg+xml
03be876a429110eae4e5a87df339cc1f.svg
imagesrv.adition.com/banners/3618/19094189/media/ Frame 8F3E 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/banners/3618/19094189/media/03be876a429110eae4e5a87df339cc1f.svg
Requested by
Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
f3fb12b83a5ccf74d4c5b62c1f3f8d636d2b7b4eab5cf4c52692209721446c0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imagesrv.adition.com/banners/3618/19094189/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC34q%2DNW6FZY2NEsHMtOUPjP%2Di0Abjkoj2dI7XsaqDEtCg1vesARABINPLzjBglYKAgLQHoAH0i5KgAcgBCakC1hwwsmp0sj6oAwHIA5sEqgT6AU%5FQZRP%2Dx2gJTbAjKWN%2DzvxBDYMMWADvfiSQS98mVFgCcNbY8St2GpGRxVF7f3g3Psx2tN1CGRXDIHGpuFuqHyme2bgDG27w%2DxssVYcTvlW7sx98bAEDPPlcXAt8aN9amMmtZv%5F00Fapr7HKchJaKmetlqiO3dmn5aAoXpRGYnqAdh2%5FxDbq1qGt3DCAOs54fd%2D6QjcXcueGcRbPoYrVMWqsMtH5wjeP0wvlyx6hFdUot97ZP4Eo4BPxSE%5FnVdEE6Up%5FaXTHNGO0mg4dx02iT%2Dcn%5FcdNW%5FKvO%5Fgevljnje%2DmP04CfBkOJDfP7RzUYwVUUSfphNjwtrGz8dDABPXGr6DIBOAEA4gFpMzL4U2QBgGgBk2AB%5FTz7d8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH%5Fp6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH%5F56xAqgH35%2DxAtgHANIIHwiA4YAQEAEYXTICqgI6AoBASL39wTpYhMiO5%5FOigwOACgOYCwHICwGADAGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAqoNAkRFsBPl1oEW0BMA2BMN2BQB0BUB%2DBYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSKQAvHhf%5FC0c7ouaFTaZqKAaOZqn6PuOQM5q83AU4npRHnrBBh370Y8jBGAE%26sig%3DAOD64%5F3V9c2FJGEh6iL73y3Cgm7hGMAo9w%26client%3Dca%2Dpub%2D5884294479391638%26dbm%5Fc%3DAKAmf%2DCWZJpcIW2qF4B%5FBqNrJqCNH9YdKZZgAPjyOiMq1jpLWp%2Dr2Y9uPbWHlIGX19HmmHCUkmEe1znMF6cjuMlncH%5Fa%2DPPQ5MGEZgqINHpOnbe0ntOGPBIhMUaQ6f%5F9yj2w4QKN%5F0lqImxgxKS6dNwN6eH3rxEARS23S7k8%2DWtXQMJnS0qL%5FJ8%26cry%3D1%26dbm%5Fd%3DAKAmf%2DA9MM8o3YDDOXIF8jvXIWpJTkXjaKqZF4rjA4VUI5KpXPGNneFqEbHT16jQt%5FzcAtPZAOBQ69NIOoNIPN5FOD7O6PW14NEkOx9ijIchcIgQqo26%2Dg2c8nUyb%2D38b3VuYi3P%5FIldJWaD0gCaQYicxib2%5FD79fnmUucQNpp3Jd949yUlpxEPdhNl5tqfvWLmQHnHEycWt4lZ9E6xuFcpi95yHcNyLO40C707w%5FGBuCfbkNw3%2Dvtrl3tE%2D5y2P1dAn4%2DLG%5FBqLt0qj30o8Ke5R6kOKmCbX6LAdLnzHUDnWOJSfhV%2DkUzUCDOF0nXxAE280z50nvLOpLR6HnT8B3pX33O9v78UL3wMS4GVyyF%2DGSrV5A995jfS7wPleF%5FZ6dxle6nXEuUIESe6%2DLkhSOVTQYiiIgVjREkwIjLeEQ6kyo8dqw3cIXBqLG09cfMf0my%2DtqmR1F7QuEd2qGUWvyzpFPDnac3DJxsqHSd%5F%2DR%5FtBpvruhSeceAMX09NZJF066waqwQH8xOKhEAfkSs7rk8JY%2DQKSlnDgVPz4ghOzxCR1wjtK2%2DpmujeyKkgh0R9ap81LmdpOwga0%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7315374343724469259%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7315374343692944594%2526sid%253D4745915%2526kid%253D6292687%2526bid%253D19094189%2526c%253D21110%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 22 Dec 2023 11:08:38 GMT
last-modified
Tue, 19 Dec 2023 16:32:37 GMT
accept-ranges
bytes
etag
"938843466"
content-length
25207
content-type
image/svg+xml
view
securepubads.g.doubleclick.net/pcs/ Frame 60FF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstv8US_SVZzsyqswfj1k6K7eDEv4s__c-c97O02JBD6ts5aSWqu5WRrMlg8VNOboHqdsM5nkrlojfqayDXMLKo9aEUZrUOS1uqtJ1ffePb-XktEogTy1ft4HvQypZYh1t5sbirSBiOkkeKX8Fr_k0-w7tEACaweR7bHhXyiyWDqhOR9cU6-6Cg_SG7IcjmYwMBWQimU3s75-wgPw8yV-2GGw7gDM3I3h52wqxaFs0RmJg0sdimVKHeqb_T2P6BgHE-DXeE__9G9gr0329SyWu2D7BvsCdtEhgKOOzCt8HAJDPN9ixJzNfN2HsfMSMn26tr9OB3GesxaeU51wgNh0PUykZc-pYv3bPNgG9yTQTJ9qbdy6XFR8DeDu8-jSpiI14E9g3rZ-na1c3GZ0Kfv91B0&sai=AMfl-YQlWPsAm9p6vHet6H40Vf3raHLeCxXewf6833kjkzILDQxm9r1J8S-WTGwG9JNvnZ4u2plvuawMHL9ZXeM&sig=Cg0ArKJSzDSD1gOGP18_EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 11:08:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 60FF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
450367b93e700a3e7c896781ccc424bded60931a46e8f8f880a949005a57bd37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12308
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 46E1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1KQgTtCjv1FY0gUMfLknBg6tCe2l2OIvdGPcEg92DI0fP73nXHI7p5w3AnBnQQuyufANwIsTUtDHFgC_XBPlwwtyFejtY3kfqZuEOLTyweLBDJIN2PvubcOIul3AKGiL5Fn69Ek2kUn4YueLhNsB_nQ&sig=Cg0ArKJSzBgm7Q8OXW8ZEAE&id=lidar2&mcvt=1008&p=0,0,90,728&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1412529771&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703243316429&rpt=899&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 46E1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3110114821779197&bg=!b2ylbCPNAAY3kmNgF5I7ADQBe5WfOKRRrWTJ3zkRa9oWpOCCgFdW6GcsdcVBOZLEC9OhRfa07mxm6YNZmzDn6KCJtVnfAgAAAIpSAAAAA2gBBwoAGI2vpP6_OtQxoLLjizZiHO4UtTK04ZiHk5kDU3_2VjNwys3p-iLxYByFfwRvMbYGWHcekyCb3kVnlnycVIJ3zbznsEVmnVjYeqRE8nebND1kD4lsagfnWjxldFCPaC94WHN4DezEJW_hDQm2iVBOeZas28jk47AfIUqf9UnGxH_UFZE78EMur0Yaq1zRUl7HQli06GrPjz4fTIOPIiyZLjh2ymwoFDqb8k5xlaj2XkdMpQEis8mZCBGe53dYcXDLN-FEc5nLbjc6nBdY2Sh_yDcc9SKrgn4mPqZn1Ww-CJHDM8w-y0qZqhnJDHO2MOIVP1XW7E7mzeoKVo_gX2fLF03sb72D6wPIpp-MN1IGiUqEyNpR2NBb3__VRTlVe2KqgReZksPduq8ynIcU5UknCo9uNgQEJOpjloSOB3MQOrgOaEnP2puUMPaAeTSTDIdv9rIkHO-SZCpdwH7dm3TmEbr0wR0Wo7oweoNJA-m-frzY7m0RidVfkMq3h4rxJx2rxFtjv2uBQ5hbJD-LEogkvVrlMFJUSZ2VZKSWe7JfoO8gXWUp6J6kvLpGNg3irt0oFn1A55loleHS0ltl3YIPuMwkBy0MXyowSZP_YoYuBfruhz1pi-5SAlerRj3crejIAe9oRS0YKlrIiYBoWw9np8F9Dd1jwtBC5BBk7jXuOwK25tIpgq3ik_CGEtHVRVieLU4xf8oGeiL-kbwgRGFkaOv_Vwv_e7hqBZoPTxwA5vSA4TPTXTipgStV6SirTibyOK7zeNnaU031y1R51HvBAxVHg95g53kg-GqVsjKV1GWFGW0KZ4bYJ84nf1nW9kvAGZ6rSJLB-vqujQk07h_EhaP2Oq5DCR9FDtycyZSNfO7qpupKNNVcbWUr9M2TQar1xbKwNm5v1FLvfS3HmiZ_SB0cvvnOLoXilk365xdZ6hXztfJCaEc5Q8Y7rlhhLaR53bQNMfn41fKOhAeVnZgViJVrp5ZAH1Jd8_l8uZ36Vc7nZtU3kk0Wo40m-p5jT8_Cqan7QC2n1ZVovh7QLXd7AII3AF1MLPOcQ4ozY9Kt0lMBYpBD3f2ryN04Oc22oeZqk08JtQnVe61LNRwWSMlSvOQoEYUWxSHQlTU4ZKzFp0bJbEVR2VWtEc2TLSNPNs9Y16-H65kWB4X9kvLMKxk-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 60FF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 11:08:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA7D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BT1XLNW6FZfG2M_nHjuwPkdSJ2AcAAAAAOAHgBAI&bg=!X1ylXBPNAAY3kmNgF5I7ADQBe5WfODZ_F6OCWkMN32lgQQjcpckJhNB6nCGumPVjVD_phFShd3H4qvsIS3K5ecw6YfKqAgAAAEpSAAAAAmgBB5kDbWvr9FiJr1AbnrTfY6ge9RBcsw2dyrSHZkxV1f6H9KqS58SVNyaLogn6BwfrXKACsVigP8DwA_2u6B_NdM4X2qDT3KMwtngIRBVI1F-qu1QiN28Ta1xxb3obNm12KPHXwb8__0RacHYw4-DcRIykhtMTh1u4SlJVLBiHKVfE8pAYqu7YlYuFGUTRAR_M2MdUX38mASwNGX_gvfiXz3YGrkp7Z1mtyDVX5FSqAPfKgnPWhAD6NcDs3b9uIXrEfhO8AQjaAuJ0eD2aFkb6NqJNK2N4JO_d2qgaoFNTiENOYnv2kb4Bjr56ktrt1mA92WTFoTJhNAeXc0_Km-N_LayY8Jh2eKvoU9bW8rjxtuW_Scy8s7hKOrM2bR47el6-qSPkYY_3arDyOkv5HT3epEanft_lqODPZBo4OfKIm1ZdVOKN6K8lRQaMQfoVjIZcphWJX-68Wi4t4tkNqk9qcBIYN69oIVzGBzmQTPtq1Xp-T7dSbNZmrggoQkbxpLvIKbqv_HpEjFohszg625mHUgLtbqdYCw6G83fIEJUyDH0hWpObgZceZwWqK2PMlT7nSx4sWXe9Em6QKBeEF-umZSbZXmmobbn_6OuRC5y9CYF8wLO7-O1Th4sFwNVbVZ-nlTt4FVLOmmmS9X_AGNfbn74kXxzMjEBucQuRvXsGlPMVTBP4AGVcBFKb8g6ND5hDBeV6zQnBMPNe0hU7WqzMpnY_3avRFgxq9X_rXO9rWNPu19xTPxUU6EYxY0Eo2ChtF_4ynCOS4rG6MqdEaF5_gxAxWy0wt-8a8XE59nr4IIabCSyhX2PDuoZ4xdQsxzOI374qV9dpgzm1LKeutHALtgKuuIhhdrBA-cHxy7JeJlhJY1xu-UCGECmuxdu0_ymcE3zmbu5QvnHT___l7ATbxZD8xG2CkeRKiEUA1aOn1nJlKjGbE9WpSsGxo1O3ATQfz6l_vNP-2NmjylSCQErJLvm7h9vrO61bnjIKoZfk37gx7yUfxwl4LvKA1TzvPosZiltG8nEqrZWZSgFcY6AxMwZKDokV1UBxquu7dv1N5Jt_qMQHOxoBiIaJsMlaBbgqmvvMJ05Qb9L32pUtNcnQ64yalNuQNSOaa0IRVqYwmETkxR9cbm5UHR8KSPDd4JhgwQZNPMmlc3Sz1JrE4CcHvso
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DE19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1391495508145524&bg=!LS6lLmHNAAY3kmNgF5I7ADQBe5WfOMJ4K70FJYR_9m2r3I8W5-mxecDZAwUA4hBFxXZURHZ7930dNS0_OIifAV50-UlxAgAAAItSAAAAAmgBB5kDNWfTzYoS3UFtQK8fhoFDmdUAyPg72VIVCCcDyx4N3vx3QJ4glWZdzIZLqhFraGRml6sP7UpidaU8gQba55Atwn_WJAO1UbXTkw2YVHNja6ADghBClHbouCMLw50VlcmiChYRIt4R2DWtt1eqLlJmr5haHR3O1_023P2NxBDOA57_sFS0U4Ch_2Okk5A5rnHyM3ytK7CgTB3cc6MFCLpWo8tnVrbFa2nRyLSzgBbUvAyBNg2yVYnKNHHYWNbRRCnLixQFLyy_eXjVISIlIfFvuCIGLhi5zRk8sX_XobgiYQRFAWAHiNziDhmBpZen_EP8BATxbXLSperLw4pIelhrofCkAbHKKR_zgQjqYZW-zDiWSq7J6ervinXyNYHEZ14oWOyoYDrMJYfzkE2EYM7Xvj9y_U1bB9r0EtRcBcMWZzUrgVM_5je8bdIdRMgv-mqpCq_6rmKdFITA2Kx9ltRIYVgk95cO2LgWabbBDLBodAhsfxcM8AdQtHf_X95O-k7GvYKvw4E1koknZlbng4G3Qu5T36LIOFLzIQEE5rH4f3tfuDL4nZkBUyNniD7iI8aAFIAdoNJ5M_9nJz81dJkWaGbQBmIecNy01vEidRfqVgf91pdaI27y4KNWq9COzpAfuod0fzixcRcW_V9q6neq665wMCE4WXzbDKtHJUkt14jyIMlfTBvHxZ5reSjTMaZo3myxg6xNhfURAoxxuK9Lvnuoy3B1J-rM8Lnotx9Yi18ycIjxPU938WnHk0g8B0Yq1HBoZ6Psi3LsbCkUH1nY1YRFV9T-RsQqZpbtLQ6ywgRgQA_OVjOOxT09-vqhHPjJny1HuGdYjo7zh-Ccftmrs8UdMl-zwez0twuGN0fY9U8pv_345CJOUwp0QolkV4kV_jSSSo7iH7RsZxGyQMYD1eQ_p45jIfhaKAReyf6uWg4opDzpYHiE_5E-Uw3ZgN6owg156CrLsi2jGqOvpmUkhCsokOoW29_0c2aEQwlpJk4ulyMbuDNPAHYojXcBhbCN67ihjS2eJu0WdI5_aNLeZj0WLcX2ZWmGJzqpIbCrMByJMahdotoiz0KuK1ZfkqbLfJVQnj_2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3C80 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2141
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 10:32:57 GMT
expires
Sat, 21 Dec 2024 10:32:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 24C5 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8557ba090991e1aa959542c2793e4982da5e3714e78b6ed34f74212d694535d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UP7Z2uCaOJ4gB0IuFUCcKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UP7Z2uCaOJ4gB0IuFUCcKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Dec 2023 11:08:38 GMT
expires
Fri, 22 Dec 2023 11:08:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3C80 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 13:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
79077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Dec 2024 13:10:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 24C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2843191572254011&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 3C80 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?xc6Ong
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 11:08:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C947 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1177456641719290&bg=!aWqlaiXNAAY3kmNgF5I7ADQBe5WfOPbU5YWgtinymJWrmwdhAKF5uFA6JCV_-7jR85kPWUoCb2cVUCbVZKuQcJgFp2EUAgAAAGpSAAAABGgBB5kDRKEimE8VbAsDiBYUYnfEkY_wKRJyVGiFpNxPizwLnFWCSW-XNSnRIrozUjaECS6gdl-foNcB93klvMxocH8QaqkaTKfeR_mFotFd0bfYvMESb5eZDtyey4mjixl8XXUxp_k2929f5xFdZaYzBfDLr2Z5cy-SggJHZDW1L8X85Yt9nDvab0-2sh5C-doqVMiVx6NiTvEStW_FAECgc0dSeB6OYNBAnDUBLfyJktXBdM4VvEHvR9SU-hJcvziflecQZfOQrl5Sb_l3L1SvVclBOB88AGG1fxm2HGII20QbDFncvgMlg3qBb3dEBvQfKqtszz9y85Kv3VIFN8h2EP97x_6MyrP61RFr2QlG8z_XQ0yuUMetO2rfuDBLvtYRV-mCX7Uv9MHbqqk9kqLIEsvjcTp8DSS0umxVPABd1J9xm4cyp_D8XNUo_d-BICOlniIXSVFNlsmnX7lHKlD2snib9Qz8xUbut5GK3WTepcDf_E8MdBmYvsJWQLDHC1fszt_w1zmkPNWov5Jx-LOkyaID75J8Pl584vCRZWyWlOXYLcjmfCO3kYe0s8i1q1kF0pj1x47gRv0aqI79_kjrsuN6Hp4530nqlEGL2EHTDcUgX5I4rJRdNeA0yhMfgGjOuZrMdxoOgISOnSkzyhsm3YgBHNrlYePOb62QvDDCNna18ctQ-nhWEgiNt3g8SDETXbN7qlaWqK6yBgFLNnPnpKt9UzkWitO9ASiL2PERq3_ncakDvRmfPb4Esn8TR7_alTW8zUtVzk_aCSnYrXIJE87jASvwmrFoPVsv6C_SdvVzBALdXoPc78ThnGemparOxicgPAI7qWa2RLcPeSq4jboOfu_fFeJVXyEk5_saLVtYQUGywKXHObb4m9ff3fQYnM56tSq08HtOmi8AGihHikQ9c-78rYwLJQleT5Zb2--LIB9LHQwBi2sohEpeUDAOZEXaA1N3v_Snia6wuUAQgPlya6HTZe8vK3XwEO7m1IvHZO1g9QMfljV6jEEvUdh-nx2aV1BqMVI3KohFYnCX9giR9flk7OnMqYiJcC7r5t73zOBhHiLWa7TvsTP3y7CkAZ0lU5zwMkjh9c24HAKSOIBhrKQQxk5S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2B4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3790887298648475&bg=!NDelN3jNAAY3kmNgF5I7ADQBe5WfOKUUn9f8IxTTchOLjEsXa5Bm5UfqMN_R-RJQeoS7Sy7JDO7ZqJpUIwwNT7XDrHQ9AgAAAFlSAAAAAmgBB5kDQK6fgvfM5A5scUZNQNBTQYCL1kkDFULEviGK3Dw0jY70dEVhxSo-zSJexhwBuN7vx4Feh1HNFARAy1tTOF61Lkqlt_nUKPNe3qpXCgppo0uQsC3Om4TrHCaEg7xLBwJ-WDZ6z90ntcJAlIRYfGCPYczlz6AykB_ynZSQhlLhAkXbUHWL1bO49lp2fV9KQB_-QMpByQozKOOSVbmcSkRe7xytddehy3zwitnXvO3Wt3qJqJ0xU1EeLIQt0hpFCUGRqjMEh9UZnhCdFRhprCvsIOkJSvxVWBSew2U5pZaohXKQjtPdkiwGPt37SmHJBLj1T5dcbd0L6DedK3kgcRLPkYWoMRWyUbI1jmMkL3tuLDcCZo8GPY-gP5uE9dVgopBoEORvqTD6K7umN-eeAhhvjjjlsPVHkKLXCwGqA29jj7nGpA-p3PhBVudzKZ0B8YhF_IFKqK_xMT3aOk0eAg_aObXsXjzGGaYhJ2HSdpQxbaqrgQtOyzZWElx6lwdFEIawrvtH-F1-6mSjs9CHfrC8GDHSXe2fcV2ObrT8O83d80pDsBjmiAd8XaGE463Oru8a4A4iwvBA_DBQRBHqpyvtNY-pkv95Xz7OhVEjzi3AiIw7arw1Di7h6kOBkOeWP-kBzu-qcnLlHWSN1GMVLSRD6X0__FNJzQsWdbJYjT7UHRtKqL5CI9oiW71ILnQMLIcgZ2CCR56b8HVZru5kpG3aGvC_tC0eMXhRGh0iBro6UxDCaHfh2QKmiXH3JpPwgrhKryu1EkBJKlOz7GYdjcID7DHr2zY5ZeptthvlkEhg4pgNkSC9lv43uJk6EzPV0QaA6s0hLtw0QNtwdbGfg7xggkW8YNKf4FqPuRYjEft5NyiFYp-AsEsonf7KZkfFd9-csOW0yBSS2mP7qT88PUALmLjLtTU5pmAPiErIN7GRS2nvP0YazmwCmKboky4Mfs3YFpKoDbO25WQOF4vlNNhEoKv2Q_8J8NUJuInG43ur39Wmh7tfecPbvpdxme6NDvT0vfxpA6syVuAf_96IcwKLq-PYsdqO7-hfKgvu9Osg51o2aSC_O94RdalRLymk1u0e7N6ply0TENSVPYJZANjEIpE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 60FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2843191572254011&bg=!8fKl8r3NAAY3kmNgF5I7ADQBe5WfOFI6hNtRRSFnz64Hh1TJew38vj6BiSVMlMk3i21IhooBFYFCvjRkW7Ix7ZCDQxsAAgAAADlSAAAADGgBB5kDWuj9ZsMtDoEVnqPw-3MUvzSWsHl-n7kvnvVsGqKfhj1k5bOoZJ_9e0YZuLMaS0XONJALe_Y-iWFqvOCKRwigE9RFmcAvDjtM-gSkxu42_Rv_BNVEZ_oWhE5cCcsY7pDrsf-Qe5PYeqcEDI7CxFDOpweZwK5EKp4APD-H1Gj9AEzSMjelnNrRpsikO1E_2TQiy_9_fb-BPV5yoUnE73RkI3vicKza-cUj1N7NU3TYbZ3UZOB059cmf4sBjS1kERuvNkRhmXrTs4RFMtB8fd5rbFKTfOCzXRDYSdSvFblvQjaReYeyCmnKAp54Wy9hrlNtZ_g0ol8KNzso63kmEgZnpuTcC4JQ-UF4rN0AYqzZcIKEoN8rUqIzzDdtTS0fSg9Sj-uXtioGTaDUendmUdIlhuW4lvSkERn0mHf42Oa52R1wTSURG7bsrqiYopSKXUsVZIZmv-nM9gMi1ct6lfgeGheXyP01HcE5r_XhBMq1YY-KC7jEQeaYkZKu3e-cwsQTPVy_Yyfi8lsRSq5bdTRZ2Z4qPusgLxaTKBM5uTTLYBVwezcryy06ZblqUn5eVvNBUU6pbus6Xrx96IXc8ZqbEbmdGE2_xxV00NtYBLaoKdDHLG_PnkwHZ_rTLdkY3L4Ool9VbmZ50E1oyamkRiB-asFqIWrZ8r20zspi2-2dhdqHRDmz9negekh52vbCvyG7U8qAQjUDgc21RIsh7fmENRuJ_qXAqK8HgJCCOn2r2zYF2weLTQ_Kz2AfMarXvnFgvyLeqeCM9ybiVB2lFQhiAbmnVdkQKP34ZO5lRS-n_vfPyL2KckukaFcBpdJ34tcI1QLCN7OW5zpXADQcFZSMT2qPu5KndRyt35t06iJfbVDnTgQASiDRumURLhSybmDbHrqCMVVeVh2l6FT__hh2fv3-yGogcOhQs3NYpUXKvuteUyL6KkA5HQq59wjqZpuFoGIYmnmlYwZDUYwyYRQEAsTY9nJSBd1omFHI-kzwaYGR4E7_nG1-V86lUczltqV8KzGSvp6iP2j79dciUrCxYbDIr-UGd2I3eGRsZ0_SH-rLbkD1tzlZC4LxBdrkFnQ11P2YZG2c7-lwoZToxBNURa5R1axD-LRJCEreZyfIxu3MZHi2LDdJoOT_9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame EEEE 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5503367077075&version=m202309260101&ct=77&x=1&cor=13968835423680377000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Dec 2023 11:08:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| ampAdSlotIdCounter function| FormProxy object| __AMP_EXPERIMENT_BRANCHES number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator number| 3pla object| listeningFors

16 Cookies

Domain/Path Name / Value
.statcounter.com/ Name: is_unique
Value: sc12916097.1703243314.0
.statcounter.com/ Name: is_visitor_unique
Value: 1703243314411580742
.xgcartoon.com/ Name: _ga
Value: amp-p9Bt0_bstAkl23bHflv-sw
.doubleclick.net/ Name: IDE
Value: AHWqTUmjDUFYiUn7FVZMzOiPam9f9S__N86zADVLAY8QRkXRi5CB7Au-gNapO9J6TIY
.adfarm1.adition.com/ Name: UserID1
Value: 7315374343692944594
.casalemedia.com/ Name: CMID
Value: ZYVuNdj6lz.BI-UQGyJDswAA
.casalemedia.com/ Name: CMPS
Value: 1144
.casalemedia.com/ Name: CMPRO
Value: 1144
.adnxs.com/ Name: uuid2
Value: 6515208821964439437
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Ilgf9JY.!]tbPl1M>e)ZlrFUfJ+tGXxo@<sdl9<oLUlM'^GG@T#w7D'n[[aaUh]?vN9J3If)y3KL9D3I?+h15SI8
.doubleclick.net/ Name: APC
Value: AfxxVi4C9uWyH-hsppot8P1w2gF5w9Gnq4M9XL73yCPOypbx2s2zeg
.adfarm1.adition.com/ Name: lv_6292687
Value: w=4745915|t=1703243317
.doubleclick.net/ Name: ar_debug
Value: 1
.quantserve.com/ Name: d
Value: EG4BCQHcKoEA
.quantserve.com/ Name: mc
Value: 65856e36-36af8-b87ac-9872f
.simpli.fi/ Name: suid
Value: B78F9AFB69A9442280BDD00F76A82436

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1dbcdb917fd70818a52c0ea050bef9ea.safeframe.googlesyndication.com
ad.doubleclick.net
ad1.adfarm1.adition.com
c.statcounter.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
dis.criteo.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
imagesrv.adition.com
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
static-a.xgcartoon.com
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googletagservices.com
www.xgcartoon.com
104.18.36.155
104.20.95.138
169.150.222.217
172.217.16.198
172.217.18.2
178.250.1.9
2001:4860:4802:34::36
217.79.188.2
217.79.188.60
2606:4700:20::681a:3f3
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
35.204.74.118
37.252.171.149
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00ec1365c05b2843c4e57ff0b5006e9501b19c4138d7d1286a7d42ab133b0d03
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc4300a9fffaf77f0abe572bc905ccd085437d5f6511057f2078caecace10ed
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
204fdb307e6f9f36d07bfbb9894e5077b99139be3781867d8b06e08e9c247824
235739cbea8365a26556687cf385c19607d671e4eff0ef00e0d7b7e185b12cb2
24dbca256a138921762e3d07a5b42889d44d97389a92de3154665f2a1687b53c
261b798a0deb97b6a88669eca66323e4ca9566fdeae94febf6ab862088119822
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2c9c549b36b2d2d1698810a28e3e89c1b033bb3ed057886e7b4d26d4c6d76056
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3973d479148068d3d66f67b898c6f7fcf30e0e650581cf018c9f64bfff80fddb
3b8fd957271a7089ccbf728bf63e93fd5de3d78b076ad856a91bed46b09d5abf
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
41028f1ca593711ac048a68041a1db5d1f3d4da2916e0463588fd360f38bdc37
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43fdbad1e70b4ca4f893ab921a117375f407ea61cfe84f8530d44e9dc75afb28
450367b93e700a3e7c896781ccc424bded60931a46e8f8f880a949005a57bd37
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
497db998c21e65514089d554d71a0c6376d78876119d80c61024bccf96126284
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5fbd85c9c9c9ff7edb84dcbfb3d6722575878d4fd275792bc721a37e257f9d9d
6131dc1f5f4917d39d60cc5a0acdf6cc86983144801036d6a6dfde7e265a1b00
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277
64d54b3d080e4adca43d4efc5fbec23b872c5b69498c4bf3b5a41c662de8a00b
6861b8ab1210f276e500cd62b3f13f6790a92489e52e0ca26dfd4c794b9f6530
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6db2f055c71c15fde67c5b3bff49434f27ba7ea4261227a97b5f24cf4ea22dc7
733f3312d0a6ea385c56131985cad375dd697cfb4a810621a33269e67ea2ede3
753ca84bd70fb1e841da1be2b4b7de6b807278bb6b4527f36eba859c3af420b8
75d290c66435015b67ba38a991ef393c4989c543627feb54e046872285e07a6c
8013407130f3d1c34679b5d4a3ca7d56ce95e0a656d501bf0920e8bd8732b6a3
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
8164a9fd10bd783e275a7d359386f4a4eddb6423ec02b367cf9b0393a6a5efc0
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
843be4a90a54770262f21c295ee8e308db565183fe42cea5f09068e02d7568cb
84bef380e66d452d18f1d82afcd27fb5ef50bff2c21f2a208da7210f0bd6b560
8557ba090991e1aa959542c2793e4982da5e3714e78b6ed34f74212d694535d1
86d56b5e3f897dc34253a3f6ae7fa15eb35518c9888bd204fb8eb0e9dcdbfd09
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
883d3027bf51be625957b794722a5129011fc51eb11311d0c06c0e96386ed8bd
89f1b87cf5e58eb63b40edf0ccda2e3e5540d13e4b415e49800246a70c08db1b
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dfad163b0a7d8e83f7fb8712e068f7410cc7a71038e57b09d63a8af2f6612ad
94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f
95f9669f86fe28fac80e3a754575893953ce4880b37490c44fb603257ccfd95b
96ac482f16a2bd9b4d1e7c4ff468a4fc875968aa15fd9aa4df335435ffb74663
9883d27b3f72e5a653a4baa17e904e8db6c9063e97f1f302d49d583e5b2e7f66
9a131fc01b268534108bfc3fd57f94b172a372eb49e1f2adc641947709770735
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff640cd32b6160f76fab858e13b05afd12bfc2e9327c01bd0c5e853afade68a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a21e5aac3e7798cca7d03ef4fc5a38752e1326423f2b99669e58dd4f105ae048
a4469ab0c7ce65d2198202049fd355d98f792af76a35177918585c167bbbb5e1
a45cce4039d1a24390f17f2a13696864601a113398402930fc1a29e4b74d732e
a52c807b2276459872596299fb8852bc6c4bc89c77c206e69549e1ccd8cf56d0
ac79466527bbddc1f62ebc9439506bf48c8c6f19cfbb8e2bb71541c45e0e032d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
bf5e73ce29fe3acfe7df3893d33ce608323928a2643dfc84725a3b0217baa1f5
c6eefbd6f1f1f64525a0f0e69c4b0c0a08e76c1c0ad63361a28f0b920f58b5b1
c7211b35cb0e6403546377d7a25870102eb82d1b9f817bdc1d41844011e88a93
c82dda4d8680a3128bdaef741267a4b107cc63dc88691b1a47f96c3b15f2cf1a
c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7
cae2bc80669a8710661c20b014851082bfb04dfb11b7a1e24aee2d45b1a09aeb
cfe355518d9fdd1c597500251c0b51aa4fa9d238f34cb3126acfd651edf4cfc2
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
d62865bdb3303a0067669d76aa4d3a0edbc3ae79008cf2b8d15e2f203457e3c1
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
de4a8de27816c4a35469116b47d2f09682b610f92d4462c51dde1ab101b60421
de6f3845be49878afb5314dd5297e48423a4e952b0ad7fc367627de0338d49d7
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e1797b36cd5ade208fada0195657eb7324024509d82af4bf9b5d6375b6134bc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
e6718089f292dc7eb38d1b174713320b730f682e810e0fce91b34b849eb00762
e7c872f016d4de45e603b00879e9b83d4d39228864a9df9431bec432a6343fcb
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3cabe65146cdf1ac4847908d22a66ef8e2163c1dbd812d7102ed939ea848287
f3fb12b83a5ccf74d4c5b62c1f3f8d636d2b7b4eab5cf4c52692209721446c0a
f530f6332f62e984dd2bce7c2eb33b915a130e79e0a0075bf250bb7a7e823fbb
f8d1dcfecd75072e5d920d31a9965c616a7a09d98ecd25071e3d62b2aff4329b
f988c2da4f2109029d1265f2468e55b8f926a4095700ea8a2a9ac20b67396528
fc5acef9da49afd9d14cf336a62e276cb4d4b38de50103868f9077d73f2ea410
fee1dd955bc7e9487b8a60093ff8ab4408e156718f83dc6fb686e23e686936f8
ffa0f66496acdc68d7616dc3302c9e7a30713143df54a5ff4f9824a243a538fb