www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.xgcartoon.com/
Effective URL:
https://www.xgcartoon.com/
Submission: On December 19 via api (December 19th 2023, 1:28:57 pm UTC) from US — Scanned from DE

Summary HTTP 393 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 36 IPs in 10 countries across 39 domains to perform 393 HTTP transactions. The main IP is 169.150.222.217, located in Hong Kong, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.xgcartoon.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on September 24th 2023. Valid for: a year.

This is the only time www.xgcartoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	169.150.222.217 169.150.222.217	60068 (CDN77 ^_^) (CDN77 ^_^)
13	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	104.20.94.138 104.20.94.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	2606:4700:20:... 2606:4700:20::681a:3f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 31	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3 52	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
54	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
58	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:18eb:9096:ecfc:cea8	16509 (AMAZON-02) (AMAZON-02)
5 26	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211e:3600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 2	35.214.241.154 35.214.241.154	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:21::1720	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4 4	216.52.2.91 216.52.2.91	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
3 6	2.19.245.101 2.19.245.101	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.197.41.124 18.197.41.124	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
2	81.17.55.170 81.17.55.170	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
5	104.102.45.165 104.102.45.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.255.77.250 34.255.77.250	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2 2	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
393	36

7 169.150.222.217 (Hong Kong, Hong Kong) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-169-150-222-217.datapacket.com

www.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)

c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700:20::681a:3f3 (United States)

ASN13335 (CLOUDFLARENET, US)

static-a.xgcartoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:18eb:9096:ecfc:cea8 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.186.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:3600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.86.98 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.241.154 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 154.241.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:21::1720 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.91 (United States) 4 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.19.245.101 (Düsseldorf, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-245-101.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.41.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-41-124.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.17.55.170 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.102.45.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-45-165.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.77.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-77-250.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.122 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.200.5.215 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.13.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
116	googlesyndication.com 3 redirects d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	2 MB
71	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	473 KB
58	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	490 KB
58	xgcartoon.com 1 redirects www.xgcartoon.com static-a.xgcartoon.com	3 MB
23	gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com fonts.gstatic.com	529 KB
13	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	836 KB
13	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	260 KB
11	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563 static-de.ad4mat.net — Cisco Umbrella Rank: 192580	1 KB
6	teads.tv 3 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	1 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
5	awin1.com www.awin1.com — Cisco Umbrella Rank: 13930	3 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480	4 KB
4	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 650	3 KB
4	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 714	1 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	979 B
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 695	424 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	955 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 478	2 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	89 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 546	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	207 B
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 870	919 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 104746	1 KB
1	lead-alliance.net 1 redirects www.lead-alliance.net — Cisco Umbrella Rank: 89094	427 B
1	telefonica-partner.de 1 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 88416	257 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 1765	199 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	759 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	573 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	463 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	238 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339	670 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	756 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	256 B
1	statcounter.com c.statcounter.com — Cisco Umbrella Rank: 10182	470 B
393	39

	Domain	Requested by
54	pagead2.googlesyndication.com	d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net www.xgcartoon.com tpc.googlesyndication.com www.googletagservices.com
52	tpc.googlesyndication.com	3 redirects d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
51	static-a.xgcartoon.com	www.xgcartoon.com
31	securepubads.g.doubleclick.net	3 redirects cdn.ampproject.org d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com www.googletagservices.com
26	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
20	ad4m.at	as.ad4m.at ad4m.at
20	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
18	assets.ad4m.at	as.ad4m.at
13	www.googletagservices.com	d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com googleads.g.doubleclick.net
13	cdn.ampproject.org	www.xgcartoon.com cdn.ampproject.org
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
10	d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com	cdn.ampproject.org
7	encrypted-tbn2.gstatic.com	d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
7	www.xgcartoon.com	1 redirects www.xgcartoon.com cdn.ampproject.org
6	sync.teads.tv	3 redirects googleads.g.doubleclick.net
6	www.googleadservices.com
6	www.gstatic.com	d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
5	www.awin1.com	as.ad4m.at
5	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
5	ssum-sec.casalemedia.com	5 redirects
5	encrypted-tbn1.gstatic.com	d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
4	ap.lijit.com	4 redirects
4	onetag-sys.com	2 redirects googleads.g.doubleclick.net
3	pv.medialead.de	as.ad4m.at
3	rtb.openx.net	googleads.g.doubleclick.net
3	encrypted-tbn0.gstatic.com	d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
2	ad.doubleclick.net	2 redirects
2	eb2.3lift.com	2 redirects
2	secure.adnxs.com	2 redirects
2	ssbsync.smartadserver.com	googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
2	sync.1rx.io	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	csync.loopme.me	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
1	partner.o2online.de	as.ad4m.at
1	www.lead-alliance.net	1 redirects
1	www.telefonica-partner.de	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	match.360yield.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	s.ad.smaato.net	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	region1.google-analytics.com	cdn.ampproject.org
1	c.statcounter.com	www.xgcartoon.com
393	52

This site contains links to these domains. Also see Links.

Domain
cn.xgcartoon.com

Subject Issuer	Validity	Valid
*.xgcartoon.com AlphaSSL CA - SHA256 - G4	`2023-09-24` - `2024-10-25`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
xgcartoon.com GTS CA 1P5	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh

This page contains 54 frames:

Primary Page: https://www.xgcartoon.com/
Frame ID: 9769FBD86D773CBC1FF9F6267C512F85
Requests: 87 HTTP requests in this frame

Frame: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 983F52A3FB2231B88118AC2959123EDC
Requests: 11 HTTP requests in this frame

Frame: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 62BA6384C325C9C8ABE6E65401DE7B6E
Requests: 11 HTTP requests in this frame

Frame: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 7A184A4F484C40076BFAD089F83DB914
Requests: 21 HTTP requests in this frame

Frame: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 4CA27682723D789B6B23721B6E18C638
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 62305F8C2BA540774EC33DCF0EFD0C5B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: F5164A67920331D89744F315ECF7A8D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530259&bpp=121&bdt=178&idt=324&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809003%2C95320884%2C21065724&oid=2&pvsid=3463301039266083&tmod=1732282852&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.14ei4iedu2jz&fsb=1&dtd=330
Frame ID: 355C5F6FA748198D8A56AD123E8876D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046732&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530227&bpp=102&bdt=158&idt=371&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079265%2C31079758%2C95320885&oid=2&pvsid=1124386423904263&tmod=2023263088&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rrpf4hnzlvqe&fsb=1&dtd=380
Frame ID: C77FD51D4A16E6EADE8FEA46A9A1A5C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046729&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530338&bpp=152&bdt=82&idt=326&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079266%2C95320885&oid=2&pvsid=3606132586892117&tmod=1523838000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6kxmn0evvl1u&fsb=1&dtd=332
Frame ID: 177E67BD331E93E12FD6AD0DF643C8AE
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j7kb27bwrpehq9wy9kghecgpe3hk7fhj1bmthrmwxw5ncs6anpvyh2sqrar2yan2ge6weghj5spcsz1jqv5gz0ecbkmcbd01xfn9xm2ygkaevwv1yxzcg7mhrt8pw3kpwrxvz26fz3hkz5jy4fktr4zva07m2nn7afjdvvnra0sc6bk10gv060qp8njhg1vnd85vsdaje0nbxmq6sc5kmdr5p2dry23prtm30qcesababxpm9hdpjjhwkdwsqezd0cdf8s79xrk58n2jrd2wrxh5yvvteaxzw3wmsdh722x2p7shrerdtdtmaqb4j62yh3kg5qk6cefp2ee6nagnx563v1kf2n8qm9vcpdh1mxp5312bbzapyaehwzq14ney8ccxbv5mmg449sfafwew5rnrg3b20n8wekyv44mvrchs9dn6940x3jq2hr2k3qx7dm89an59m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: C26B42D239E3737016F2F258262C35AB
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: B4ABABC0BB07A1CB15C10A617B75C159
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1D738E4D62400279D54917BCA98681E0
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ja6arpmrxcg6trd213q0javdegknbgezvfkbrg838j7wm31hxgb4xxn5mycvdbt17xedvyp8w179kfgkehg8vjyf8wghmvznfqsv7xrc8xhtpbj1pcdc6fm7206twcmmd5byrvz22w9646jfe3enf8ew5nxtgzyjezwwn6sgwvesnca6mh8sxx050xg9h2c56nncjp87kk50egfeh3dc969vg7gmmwvxw6brg91w23hcg2hnwn4002ryrxfrferq4erb2tsr7pp1d5n0z3eb84hdwcdyexqqqzsb91405ervz54xmhgfh353vcw0hhebsmaxrrdnrf8vv8cyqk6pegqbmy154qktsvx6ka0m83heetpmqmtxkmp83r5q3xzkm1qdckav32rxt215488kg72kdycsgc8x20srghf0z7br4fdvsqs1d1etnz633s26tt1kgez&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: EEF9A104E17C1C8CB0C09A70AB56285F
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: 497639DE98331D39765A9B9EC2AEE78B
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 276543E120F56F00F375050FA4A59E02
Requests: 9 HTTP requests in this frame

Frame: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 1DF19B7E5F8BE24064E9C2CB97C79C06
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1htfyzsyd3ydj99zygtzv5mww3tjk1f85tqhpqyd9qzw2kgn4nye2tst1dmd1mtdxmgenb7js9hw5bmtgrppb47g9q9r747wtvy6jzcnj5exer3391sy3e2pk1kq099b1vp7gx7nk7mk2vnb5qg56nsj3dtg4qva9r49fhq5xznh5r43hprvp1z7gyphen3a078yvaanq0kab1hjxb97gvw452kz4x4a56rvvemw4th6d53ky0dkr49g7ggfxqdy273xnsjhgxb1t431pvj44wy9tcvmmt29p5dbjv7g4wa0vzwwfdxra8gpsmvvday4azkq5bdkfnmjkry8acrekbwakpt1zpbmd4k3c21mq5jkkn5xmy91gq78mtnpvjxt28tb0gv2bz38deqkkqx74071ba7bf4y89eszj4ewpcmktzwkzj9p0g27qzy5vnb0j4p9gajn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 58BC833C2B69AD6492249EC50BD26C63
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 68C541BA101E348E4ADC543810C72490
Requests: 9 HTTP requests in this frame

Frame: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 8C8DF57E1D2E0FE9031F9944AC044A65
Requests: 11 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: F321B45D126FF76FEC84A9788544A3E7
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 42896CF9C6700F470776CA3399051AA1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 79335376B320C16495F53EE4DC966640
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: A15B7E9AB571099660F5BB93CB538501
Requests: 1 HTTP requests in this frame

Frame: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 7A5C79183A4D963A429667C6BE8E590D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 91BA62E22BCFA9585680AE096FB1944B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BC21178E45B14A87C4CA6655FE558F46
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C9086961C9D3B8235065A610C1EAB23
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D6D3B2C848BB45C5D70924DAF6B2630
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F81A71E4A235AEC9B1D148D5E2B2883A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4644C74782AEDF676AFC5EBA9385089F
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: B86242C091F69ECEA31BAD9565792E74
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=82a2f3f0760066a9a7baefac43cd36a9%2F4739944954464993950&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gt65m2zajz2vh8hmmwstbjc18rvb6gz1xxtyb0np0ptpn17d8v5hzmjx2c9skhjpjxcwjrhk05gfdr274y83gd42m1efwnsf9rt8710ark2jpgy6x5x0nv4j7gqqva3525n0wsf8wxnx3bxkvfc6erapnc39vqe640p9jp4ysybnnmav2xf6hbaptc5cyhqck74qqkzydcgtp5b59arfxta0pcsp30wsrrj7wd0j5vtynyhrb027hetprjfjayn5pzy2n1mpx8afa59xe93sx35%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 4C177872008D614737FFB0A0BDFEE216
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19769&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd&c=320&d=50&e=&g=04c2c2fc5112ef957fba8b5ff16b90e7%2F15119798499113095724&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531558&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h41hyrfzzcnjmk013376tqwngqn76h5nxf6v28crepc5nyf67vnbermka0qq8met76bqaxqebq71f16bx93vdfx3gt3h05vy1fnb13rp04ch5jkgs701gzzhk21xyr0b57kxbzk4be1k9s5s58zbcbywgx27htzfmh5tv2sbe6nqwwf004k64spkasnkq0awp3qa10akd5jrj8zet9782xtd3ah5qp3rts9skv2vpjsrrfde9b15m0y63vtv56t6cv89b8sygqy2kp6m943wfb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: F817CEF5BF5A43B4B2218A150EE0C3A4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046727&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531396&bpp=116&bdt=106&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079980%2C42531514%2C42531705%2C95320884&oid=2&pvsid=3070742680505491&tmod=896271259&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.g4xc33er71j0&fsb=1&dtd=365
Frame ID: 3A0148D32D336BC09E3AFEF4E8BD305F
Requests: 1 HTTP requests in this frame

Frame: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 518D2F722A5F17A7E95509AA145264CB
Requests: 12 HTTP requests in this frame

Frame: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: FC67313D9F364420610BDD8B3179B7F4
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345
Frame ID: 456A643FA6A8030244D73CAF29B5B0A5
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 86D7E07980013265EE55253DBCD4413D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046725&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531939&bpp=126&bdt=89&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1910587181&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320868%2C95320884&oid=2&pvsid=3459210345517852&tmod=1566219697&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zho22i8nz53m&fsb=1&dtd=368
Frame ID: 5192E196A962D88419E772621565BC40
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kpyqspz84xzrrpk8n5kn6g22qbg54pm14166fdwngp936rbykwfe0bdjsbya7568nk00ehw4m9a96wb808m8b9a5mx8zm001nv0n04xtswvj9djy0kzynyst7qj9yxhct8h0p0zdzs4b3kkptb4mwkmcjen493tzs5knq7vtqtpxb3b5tjtts5mb8pgnb4ke7t3jf61wnxb66wvear7wkd3xpzt8srgmrcq4rsm4n0hhbx5a7wj3m2jay0cmevvmz9c4t3rknmh3cw2ab44naqdxd5zzt41bxe1yswbmrfxev8kwhezgnbhnjtp00mt01x4fnkgqpmx3ezctq5a0czv063c92s4dkqd64bec17yfmkmakpw18w0p78pe9d2s3bzg0z71rr9vwce8w11n44tbt7rf0b5t33z88km62bms2xt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 64E2F33B9DD68F4D0429259D6E78CBD4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0C3913B1F4422E5D404223EFC633B935
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2B1CA0DC91BFB54A67EEE8A26C33D3CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6384B6CCF6CD5A4CB657D1B381716668
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: D9C7509E78D1285E99BC0E3BC15B46B3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579&b=prmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=JBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=320&d=50&e=&g=e0be80e24dd0429f194d132811912d85%2F16896158332824084429&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702992532650&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kc0tctxxeafkaab481y9sc364df9wmx7c2rkpyexs4x366nq41a622jb4wgdgf8dfecz4g0nbb3a3tv5txdhn2zbfwqk8azy3dftfp6k7sknvjfz8b6ydfvws12nsepnxx14fm3m9r93j14918nxgtvzr9ksqt6g2ns4ckt1gx0abg79dhjv0kdvz2tk222syzec5cg7sjm1scf73bsgbj2tfsjxa89rg92fahamvfa43bs9pyh7n80ysqdd3n7zbmtyknq26bj7vp3jjb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 34E984B17C4539875725ECD818681E09
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E305587DA1A409BFAEDCEE15C7BCF11
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 874A77460F540D720DB7576F2A96FD74
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kf1zptb81cyqtb8ssv0thbk5zw9my5tr63egxjs3jmmpw8w3q3rgepyarvgwe5yxsvqgyqwmdzg2cntexn4z29dk6m57gmpmee5bj44123bb2zkkw31h32gjdx9z66yp384nm5qbtc655892nta5dxjsr3aqngqaks2gv549kmx6k2ykszxw86knvgbcm9kdrsaa5z9twnyzcp0154dbwf6f01y84a3nej01j1rp1dt28nxzkd535f0z773s396vgs3bg9jeytk8y3z0kqkgmff3dgv1f0mnvmjxt8c814rjeh0mqay36t26t1bnm4185bmwahrg0q119pf66acs8zkfn70gymsr7zy84arp00fnk74bbhbxv097y7x6pa0cw15gevt6ytss3mrxy6yy5yfy1msx2qcdx739ek79ja610f2fg3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%26client%3Dca-pub-5884294479391638%26adurl%3D
Frame ID: 32EF02EA462BFFDD2927A9E64DDC04F0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4F26C21CAD93876C5C82EBEC804EC5AB
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 80EC0F4FE968151BDC3652135CBA041C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Frame ID: 276A41D4CE4D37FE197ED3FA3A3D76E4
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 864A342EB043932719B7DB5108063EA6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA9647AE7B48C4B3FCCB02808A4E59A8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🍉西瓜卡通

Page URL History Show full URLs

http://www.xgcartoon.com/ HTTP 301
https://www.xgcartoon.com/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

393
Requests

93 %
HTTPS

47 %
IPv6

39
Domains

52
Subdomains

36
IPs

10
Countries

7727 kB
Transfer

15506 kB
Size

30
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cn.xgcartoon.com/
Title: 简

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.xgcartoon.com/ HTTP 301
https://www.xgcartoon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODYxNuVDxDGCxjGCzIIQz3-g85c2Yg HTTP 301
https://tpc.googlesyndication.com/simgad/4558490222349370582

Request Chain 126

https://securepubads.g.doubleclick.net/pagead/adview?ai=CrYe6kZqBZZaOMvnM1PIPhsuqsATO9IjudL6K-JvwEaOener_QBABINPLzjBglYKAgJgHoAHor-yIA8gBCakCAIgMvXBVsj7gAgCoAwHIA9sEqgSaAk_QqnEd2TCN1pLn3BDOYgM0IlramA2azGrybmYhqFRb1L60Az-yG7cJ0Ux7qioZ__n5QbGEaMzKWZQPyp47CDSs83u_t0BkoelgyG_H5zb9S70e55YktydNd8sip7_3mj8jMnqwRJ7ydsv5fB7USQ9hhA1ChPVNoyAGL6zklyJNHOGianwUZIaN7l-At4bbMgfscm9DNjANZi4WyJGxHt1BNe8kiK91fFHMyzoBGNObNOGASiUrj5tINmVqjRFEg1XhCKuKizIEUBUWQFk2ZreR8IQreZnMjsgjb74gb8nkNXCsTeVzz6Of5T-80KSLEwk7j8EjBOd5QbXMGaeEdYtYjdertZ_2Qa8Fetq3sTR74r9WUfBpy4LLuMAE6Kr09cIE4AQBiAX6qeyRTZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeA0JN3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEIP6BNIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY_IXtxc2bgwOaCR1odHRwczovL3d3dy5uZWJ1bHVzLmJpei9kZS9kZYAKA8gLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLiDRMI6LTtxc2bgwMVeSZVCB2GpQpG2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=cxCNPbIO02s&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_H9i-T9-L_EfVa_e8E6CRZvlVgRoXeRgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213599129034509850243%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212298244413749864897%22}&andc=true

Request Chain 146

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEMYD_sVl-Lh5eMTf1229II&google_cver=1&google_push=AXcoOmSfwRyXdVkB4wM4783wSx1e19MDtEgNChFdsssz8uqRx9YhKUfV68YcR5q3_JqexRtq2VzTECOWzajm1GoBJPVJiEBa4f6xD4K6slSp-ir7e6F1h0l-Ps8ps-zGy0AvR_OaSV2Dr7Eh93Vpw44_druL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSfwRyXdVkB4wM4783wSx1e19MDtEgNChFdsssz8uqRx9YhKUfV68YcR5q3_JqexRtq2VzTECOWzajm1GoBJPVJiEBa4f6xD4K6slSp-ir7e6F1h0l-Ps8ps-zGy0AvR_OaSV2Dr7Eh93Vpw44_druL&google_hm=eS1heHZJN0pGRTJwRVlFVjE5Ti5Xd0RrQlVFSTMuOEJTZH5B

Request Chain 148

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOTeRNzg8Q8Zr_k7lh40_Bw&google_cver=1&google_push=AXcoOmTcjqTjMMOUmzThRU633t9SEfVZU2qRP3yBfmbcNGCqhBpKiHkM3RW_e11t7mA9IPdxmLgMfiLQ26_MhaXItMUDIHVJnwNvRUlqUqqXnogMV3H5ExoBbFugE5e11Ku_Igd70mg-iT819MN6DOcOkpyL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFDRFM2VkwtMjQtNDY5RA==&google_push=AXcoOmTcjqTjMMOUmzThRU633t9SEfVZU2qRP3yBfmbcNGCqhBpKiHkM3RW_e11t7mA9IPdxmLgMfiLQ26_MhaXItMUDIHVJnwNvRUlqUqqXnogMV3H5ExoBbFugE5e11Ku_Igd70mg-iT819MN6DOcOkpyL

Request Chain 149

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_cver=1&google_push=AXcoOmS195ycOijsGKr351Xpn-o9tUOHtEfQ5J2XpkT3DmJksOQWDE5z7I177IuPvB8WuMfwPtiIE3xqtoGRn3IuFvbWaefqhlrMByakYWHM4GVD1ZGGLXGOa7jHk2NgZHDwLJDwirps5UU3In9C2MJ0Amp2 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_push=AXcoOmS195ycOijsGKr351Xpn-o9tUOHtEfQ5J2XpkT3DmJksOQWDE5z7I177IuPvB8WuMfwPtiIE3xqtoGRn3IuFvbWaefqhlrMByakYWHM4GVD1ZGGLXGOa7jHk2NgZHDwLJDwirps5UU3In9C2MJ0Amp2&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmS195ycOijsGKr351Xpn-o9tUOHtEfQ5J2XpkT3DmJksOQWDE5z7I177IuPvB8WuMfwPtiIE3xqtoGRn3IuFvbWaefqhlrMByakYWHM4GVD1ZGGLXGOa7jHk2NgZHDwLJDwirps5UU3In9C2MJ0Amp2

Request Chain 151

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBxXBYK244M0kjeHJL5CMF4&google_cver=1&google_push=AXcoOmQMMTqJnjG6Do8fy-crQF9_5aSEuOf297PZ-9h9fEmt7ihkt_4iqsxtmiJDMpJv8WcIr2QjnjjfGM0ATvRd9tK20ktXJupNKD8U8IF5xRGdPenhoMOi6SxtZWv0y7rBf5WqRuj7H_TpR4mu3FgGH8kc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQMMTqJnjG6Do8fy-crQF9_5aSEuOf297PZ-9h9fEmt7ihkt_4iqsxtmiJDMpJv8WcIr2QjnjjfGM0ATvRd9tK20ktXJupNKD8U8IF5xRGdPenhoMOi6SxtZWv0y7rBf5WqRuj7H_TpR4mu3FgGH8kc HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 152

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEMT1coLx2LI5vch2TrA4jPA&google_cver=1&google_push=AXcoOmQVzdbgCELTaNjK-JuCl6yItFgpcfAoMf4y0SWPoRwGfXJZe5PHYLXSC2TUIADochYTBEElPhfHr_7qfEecmfnB8cOIk3vj7pusf7NXRq3Ence0UyBlg742a8buAmtzDM0MtADmYYyUu9rHz7uN3j2rrQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8c00e809-1747-432b-a00d-0f655c169d8c&google_cver=1&google_gid=CAESEMT1coLx2LI5vch2TrA4jPA&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQVzdbgCELTaNjK-JuCl6yItFgpcfAoMf4y0SWPoRwGfXJZe5PHYLXSC2TUIADochYTBEElPhfHr_7qfEecmfnB8cOIk3vj7pusf7NXRq3Ence0UyBlg742a8buAmtzDM0MtADmYYyUu9rHz7uN3j2rrQ&gdpr=${GDPR}

Request Chain 158

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGpQ1oINF75SjAxFKtcIivQ&google_cver=1&google_push=AXcoOmT6gIZ6HnKMC5aFd-rkjFjlsQ9vmp-5-PkM5VfCFiyQiUNZ1yo6dKCzaegvRTkhalDZu4coXInuGzxX2a84pg6e7fbytmE HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGpQ1oINF75SjAxFKtcIivQ&google_cver=1&google_push=AXcoOmT6gIZ6HnKMC5aFd-rkjFjlsQ9vmp-5-PkM5VfCFiyQiUNZ1yo6dKCzaegvRTkhalDZu4coXInuGzxX2a84pg6e7fbytmE&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT6gIZ6HnKMC5aFd-rkjFjlsQ9vmp-5-PkM5VfCFiyQiUNZ1yo6dKCzaegvRTkhalDZu4coXInuGzxX2a84pg6e7fbytmE&google_hm=H2OopGZHFL2Y1Z6PRDCVZbru

Request Chain 159

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED7HfOjDnm7vJtJfP5QS9QE&google_cver=1&google_push=AXcoOmTrVBHs4Ae9VEdK-evf-DOtfIIw2KlaLNOJhrLLjuBQJwh0x9DnJAu4bCPdgkkSPMGU2CBiBEvA9XPA4N72KUsHqymPvh8 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTrVBHs4Ae9VEdK-evf-DOtfIIw2KlaLNOJhrLLjuBQJwh0x9DnJAu4bCPdgkkSPMGU2CBiBEvA9XPA4N72KUsHqymPvh8&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1702992531321 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-55c12365-48ab-4514-8b37-6dbc05cf5842-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTrVBHs4Ae9VEdK-evf-DOtfIIw2KlaLNOJhrLLjuBQJwh0x9DnJAu4bCPdgkkSPMGU2CBiBEvA9XPA4N72KUsHqymPvh8%26google_hm%3DA1XBI2VIq0UUizdtvAXPWEI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTrVBHs4Ae9VEdK-evf-DOtfIIw2KlaLNOJhrLLjuBQJwh0x9DnJAu4bCPdgkkSPMGU2CBiBEvA9XPA4N72KUsHqymPvh8&google_hm=A1XBI2VIq0UUizdtvAXPWEI

Request Chain 160

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEArmzmPVO-pg5EqIdq4C-3g&google_cver=1&google_push=AXcoOmQ9fH6fPNhzCY25im-g5Zm4DnWtMCqoKReJpUOfqGqflAJSzIq3Rx_TPzILP36Qm6C8NmouqUCXI1Nbo_uw5R34FWasi4YQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ9fH6fPNhzCY25im-g5Zm4DnWtMCqoKReJpUOfqGqflAJSzIq3Rx_TPzILP36Qm6C8NmouqUCXI1Nbo_uw5R34FWasi4YQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 188

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODYxNuVDxDGCxjGCzIIQz3-g85c2Yg HTTP 301
https://tpc.googlesyndication.com/simgad/4558490222349370582

Request Chain 196

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEASlT3Y7yFrK2qzuE1Zw2P0&google_cver=1&google_push=AXcoOmSN85Z5Qn4y9Zkz7_Ckco1U0d90A0MglJU5LD3w4ImNBE7S_ylf6f8xWmsrn2efiE0vmDOfpbrdr8znZRKV0y0VVzEpJGsGBB04D64w1fDSm2fBQXKNaOeKtWCweFrBqzIHxmH1kO4J8raTH65kQ6uY HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEASlT3Y7yFrK2qzuE1Zw2P0&google_cver=1&google_push=AXcoOmSN85Z5Qn4y9Zkz7_Ckco1U0d90A0MglJU5LD3w4ImNBE7S_ylf6f8xWmsrn2efiE0vmDOfpbrdr8znZRKV0y0VVzEpJGsGBB04D64w1fDSm2fBQXKNaOeKtWCweFrBqzIHxmH1kO4J8raTH65kQ6uY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2NzIwNTQ2MTU2NTAzOTc2MA&google_push=AXcoOmSN85Z5Qn4y9Zkz7_Ckco1U0d90A0MglJU5LD3w4ImNBE7S_ylf6f8xWmsrn2efiE0vmDOfpbrdr8znZRKV0y0VVzEpJGsGBB04D64w1fDSm2fBQXKNaOeKtWCweFrBqzIHxmH1kO4J8raTH65kQ6uY

Request Chain 197

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_cver=1&google_push=AXcoOmSbob_KEfFvhYAO89Sl7M13O5yf6WHc76GugefqZxKWkbt1nrLPybp3yjS3S-seFUQIKqPMdjNB_9Kd1hkz6lMVjcWK7JLtus2KlCJ1ZKIFANdsUsjLnWPwSKgCE1Do93T-A-ydQlgrYhcJZW3BF7do HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmSbob_KEfFvhYAO89Sl7M13O5yf6WHc76GugefqZxKWkbt1nrLPybp3yjS3S-seFUQIKqPMdjNB_9Kd1hkz6lMVjcWK7JLtus2KlCJ1ZKIFANdsUsjLnWPwSKgCE1Do93T-A-ydQlgrYhcJZW3BF7do

Request Chain 198

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGpQ1oINF75SjAxFKtcIivQ&google_cver=1&google_push=AXcoOmSFTeNGzZlbEB7tFlcG92R-hnJw8Gkgl8S-UMYW_YH3Bsmb5TAWHn6tpl_im_kZ_bXge7OPeZROoDtCc6nrjmlEDp16gU90wCfFayacCcSc-ZRuojY34Si5M31AMMe2zUssZRO1S-_LTrWmiDuu0SSB HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSFTeNGzZlbEB7tFlcG92R-hnJw8Gkgl8S-UMYW_YH3Bsmb5TAWHn6tpl_im_kZ_bXge7OPeZROoDtCc6nrjmlEDp16gU90wCfFayacCcSc-ZRuojY34Si5M31AMMe2zUssZRO1S-_LTrWmiDuu0SSB&google_hm=H2OopGZHFL2Y1Z6PRDCVZbru

Request Chain 200

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBxXBYK244M0kjeHJL5CMF4&google_cver=1&google_push=AXcoOmSnxjZlgIqOGY-6CZQOolvfw62N8HA3N20kyFVXknod693C1Iugmd_6noiX_9XqNxNnp9mmhmzLuXJIrapC5zYvjptT0TtfEK7zRcy6dezgEHG6Ydvy31IqdNTug19mTxUOfaXt3Y6zZdy1Ee7Xxw9c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSnxjZlgIqOGY-6CZQOolvfw62N8HA3N20kyFVXknod693C1Iugmd_6noiX_9XqNxNnp9mmhmzLuXJIrapC5zYvjptT0TtfEK7zRcy6dezgEHG6Ydvy31IqdNTug19mTxUOfaXt3Y6zZdy1Ee7Xxw9c HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 214

https://securepubads.g.doubleclick.net/pagead/adview?ai=COy6tkpqBZZLfKsPC7gOqwp-wAc70iO50vor4m_ARo56d6v9AEAEg08vOMGCVgoCAmAegAeiv7IgDyAEJqQIAiAy9cFWyPuACAKgDAcgD2wSqBJoCT9Bh0bdoHUjzpP6yiO410-sUMZnmhPMGA4St7zHWGZU_kApRw6wVYLQI7A6c_YckNVCqRnUeWMP68tMxwEn_DDSCMOZh2AYDUKhe7qQnWqDbFPbLpYWPSgSn1L0QqVgODfSp4NiHkS9sHBoEXdiGYLbCZ549ffZbOJxChofMTsh8VaocIeaP9qo3q_2IDYGJaS0fpRgdRfq5UDYEYP_Wr3uBEzHoEN_byPsTzTPgQgByA-LANd7uVHvZuoTMlOGTtRuiGq-qyDFjM3GIsxxdqp67I55i2t6DTJAbjKuLVVPSL2tRKWve-8Loh6Dvcrx1H3BIB4xf5bK3GGYKPY7CCRXh9AX79uaqGBjYNSrSDD9OsDiSjcnhzl0ewAToqvT1wgTgBAGIBfqp7JFNkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4DQk3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQqfUE0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljL_-3FzZuDA5oJHWh0dHBzOi8vd3d3Lm5lYnVsdXMuYml6L2RlL2RlgAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLiDRMI9Knuxc2bgwMVQ6F7Ch0q4QcW2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=do7hIDlT0QQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_sg5db1X8AQb5WzvaEYiKHODR9wzKSRgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226260286297222306358%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210789102694540996945%22}&andc=true

Request Chain 295

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODYxNuVDxDGCxjGCzIIQz3-g85c2Yg HTTP 301
https://tpc.googlesyndication.com/simgad/4558490222349370582

Request Chain 300

https://securepubads.g.doubleclick.net/pagead/adview?ai=COGavk5qBZermG-7G1PIPuYy6oAHO9IjudL6K-JvwEaOener_QBABINPLzjBglYKAgJgHoAHor-yIA8gBCakCAIgMvXBVsj7gAgCoAwHIA9sEqgSZAk_QQ4bc_DorjpStPq2ZjHSDawspIrWpdQ0-yH6mkRdqp8k1VJgGFsvPtbpJz6f96FYI8arO2rTYCTothLlPAAJD-348pEW2BbXMmrDglrZxpry2PAxyk3kVPfqCVcCc04I2DSsF2ezRq3r8BCGtnOLy03FccnLevhRtCaNoW5KpnLztY4ooY5gIymjK7_7B4oxcSfudlcbrTjyvNoqLOrfJhDLBk7uaWXsmwE7WLG_zjmVj3gIr3fKpMjfcy0LgPKYRm6Ba35hirj6dVPMUxCEmGJdV68HrJIdQVdNGgUMk1DxH__pbUQ-p73NSuoujAb6qHfO6aHZL2BqAfIpCluHU6cazQB05VbXDSsPzOdcIg3PqWjXIh0prwAToqvT1wgTgBAGIBfqp7JFNkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4DQk3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ78QC0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljjn-7FzZuDA5oJHWh0dHBzOi8vd3d3Lm5lYnVsdXMuYml6L2RlL2RlgAoDyAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAuINEwij3u7FzZuDAxVuI1UIHTmGDhTYEwyIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzAzOTE5OTUwMzQwMzYzNBiZ0iGyGAMiAQA&sigh=QcszVsKzvcA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_JgAZ-7TB9qmHJTsLqIvcPVgxzH0IMRgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211342364959018316003%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225976240902245503457%22}&andc=true

Request Chain 318

https://um.simpli.fi/gp_match?google_gid=CAESEJqRPY2YB7ROCA11-74CfAg&google_cver=1&google_push=AXcoOmT1ZziQt9cReqi3X-t8qDltAnm1ixH7NMPvvlJkPhIPK55HRqLn6b1bL3h_1Vw6zf8hPbMKdWxVIgLatZTV17D863fqOTECjoXSrDqiA5woyo6kOr6kbuTRL-aFlKSHVWixz6GILwJVj6ksbD8nqqs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD3554EA92ED4A3CBBF6CD013D5E4A81&google_push=AXcoOmT1ZziQt9cReqi3X-t8qDltAnm1ixH7NMPvvlJkPhIPK55HRqLn6b1bL3h_1Vw6zf8hPbMKdWxVIgLatZTV17D863fqOTECjoXSrDqiA5woyo6kOr6kbuTRL-aFlKSHVWixz6GILwJVj6ksbD8nqqs

Request Chain 319

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_cver=1&google_push=AXcoOmQLo5_029TBN259v6VDbP1IwtU-y2Knjmw0zCK5spX3D9WYdoym5AQwh0MpZKZNmVyy44oOmSkwwKrT_3GQttzv1OmbkMreJxlQxHssEaAuY6wn5Wbc0HL1ylyhxfjIstfXXGpvsAmE5cfNO95jeR0L HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmQLo5_029TBN259v6VDbP1IwtU-y2Knjmw0zCK5spX3D9WYdoym5AQwh0MpZKZNmVyy44oOmSkwwKrT_3GQttzv1OmbkMreJxlQxHssEaAuY6wn5Wbc0HL1ylyhxfjIstfXXGpvsAmE5cfNO95jeR0L

Request Chain 320

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGpQ1oINF75SjAxFKtcIivQ&google_cver=1&google_push=AXcoOmSJ8Os8ij3l_52jyPakU9TThyH1cM_WCqjemsPhW1JYjIWKtmIALYTCTRgsrqWfu7oKnzzfs3kzRkKSdyWD4vkvAZ78U09jpuxaEC4kdz-tGqmwELhsogcSbdaOFGK8QOlSyXi1ljfaMNq1apzWX0_Z HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSJ8Os8ij3l_52jyPakU9TThyH1cM_WCqjemsPhW1JYjIWKtmIALYTCTRgsrqWfu7oKnzzfs3kzRkKSdyWD4vkvAZ78U09jpuxaEC4kdz-tGqmwELhsogcSbdaOFGK8QOlSyXi1ljfaMNq1apzWX0_Z&google_hm=H2OopGZHFL2Y1Z6PRDCVZbru

Request Chain 322

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEArmzmPVO-pg5EqIdq4C-3g&google_cver=1&google_push=AXcoOmS9lzZjgUpP-WhnV9jtFDO-eFlc48J3qc23MkAYtmS1kg_6qmufdTopOxcy343qEq_NphHDTv2kBc0ebyr90E8au-FiAiDhSUZeXUjMAxno2zLolQwRFhuA8elll0TRExU483--r8uy2-xq9OQWrmTZBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS9lzZjgUpP-WhnV9jtFDO-eFlc48J3qc23MkAYtmS1kg_6qmufdTopOxcy343qEq_NphHDTv2kBc0ebyr90E8au-FiAiDhSUZeXUjMAxno2zLolQwRFhuA8elll0TRExU483--r8uy2-xq9OQWrmTZBQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 323

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPw8PMwefAaZY0kFEDfWg-Q&google_cver=1&google_push=AXcoOmSNJM-2ZJaTXoWmxu-R8boR2HQxiIrrZR108S1_QS8Qll_JfzkvLPhai7f4CErxAbqHrZOL15vGfN5z6SmO26NpMq6Ve-MfaoyZxJZVhBHbIefFtThCYzbn8ICMK1TrYS7-xepE0iQcGXMZTprytilp HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEPw8PMwefAaZY0kFEDfWg-Q%26google_cver%3D1%26google_push%3DAXcoOmSNJM-2ZJaTXoWmxu-R8boR2HQxiIrrZR108S1_QS8Qll_JfzkvLPhai7f4CErxAbqHrZOL15vGfN5z6SmO26NpMq6Ve-MfaoyZxJZVhBHbIefFtThCYzbn8ICMK1TrYS7-xepE0iQcGXMZTprytilp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA0MzY3Mjc3MTY2MjIzMzEwMQ%3D%3D&google_gid=CAESEPw8PMwefAaZY0kFEDfWg-Q&google_cver=1&google_push=AXcoOmSNJM-2ZJaTXoWmxu-R8boR2HQxiIrrZR108S1_QS8Qll_JfzkvLPhai7f4CErxAbqHrZOL15vGfN5z6SmO26NpMq6Ve-MfaoyZxJZVhBHbIefFtThCYzbn8ICMK1TrYS7-xepE0iQcGXMZTprytilp

Request Chain 324

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEMT1coLx2LI5vch2TrA4jPA&google_cver=1&google_push=AXcoOmTajCwLVgoevhIq7YyTlOjR-7Oq4IY0sQuTf4ipnd22XjPHDxZop7SY_BpuxgHo3kJ5NnUN_I7vU5GpwO3EFkQUBOleMzA3wVgjEcjg6tT5XQoWibohpIuLQg-dunAVHzaPWrKOuAolh2_4XEYs8kjctQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8c00e809-1747-432b-a00d-0f655c169d8c&google_cver=1&google_gid=CAESEMT1coLx2LI5vch2TrA4jPA&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTajCwLVgoevhIq7YyTlOjR-7Oq4IY0sQuTf4ipnd22XjPHDxZop7SY_BpuxgHo3kJ5NnUN_I7vU5GpwO3EFkQUBOleMzA3wVgjEcjg6tT5XQoWibohpIuLQg-dunAVHzaPWrKOuAolh2_4XEYs8kjctQ&gdpr=${GDPR}

Request Chain 359

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_cver=1&google_push=AXcoOmRr1r_le49pHWX6yW9rF4Hx-nlbJFaS9WvSyNqZRAwVai657_r7nkPVEZtEKLp87Fv4pe1wso2XkR7-N-97AFEs6FjRv99PLQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmRr1r_le49pHWX6yW9rF4Hx-nlbJFaS9WvSyNqZRAwVai657_r7nkPVEZtEKLp87Fv4pe1wso2XkR7-N-97AFEs6FjRv99PLQ

Request Chain 360

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELcVwzf4LeLPBRzj-lkHnUY&google_cver=1&google_push=AXcoOmSRv0Wpu9AJoLvtV_6STTVM9NbqBiIxvVif8KBVjRGtWtosKSkdsGY4RoNMY0aanFXq9326_2na5cPkvU7nxc_IJRCdUqE9 HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSRv0Wpu9AJoLvtV_6STTVM9NbqBiIxvVif8KBVjRGtWtosKSkdsGY4RoNMY0aanFXq9326_2na5cPkvU7nxc_IJRCdUqE9&google_gid=CAESELcVwzf4LeLPBRzj-lkHnUY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQwNTU2MDQ5MzgzOTgxMDk3MTgyMQ%3D%3D&google_push=AXcoOmSRv0Wpu9AJoLvtV_6STTVM9NbqBiIxvVif8KBVjRGtWtosKSkdsGY4RoNMY0aanFXq9326_2na5cPkvU7nxc_IJRCdUqE9

Request Chain 362

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEArmzmPVO-pg5EqIdq4C-3g&google_cver=1&google_push=AXcoOmR-Tv4HyB7bUoJEqa_oe6z3ZWIxPUXuyHoJZOw28adJYNjqSM6PE8pxqcD-o_DH19oBhgpK_8x4cK5RIxpO14qK9QEh0zXNbDc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmR-Tv4HyB7bUoJEqa_oe6z3ZWIxPUXuyHoJZOw28adJYNjqSM6PE8pxqcD-o_DH19oBhgpK_8x4cK5RIxpO14qK9QEh0zXNbDc HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 379

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKTX-MfNm4MDFc-T_QcddFUF7w;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023121914285391436430793X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023121914285391436430793X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

393 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xgcartoon.com/
Redirect Chain

http://www.xgcartoon.com/
https://www.xgcartoon.com/

186 KB
31 KB

859ms
428ms

Document
text/html

169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f0f7a2b24b5d82e66cac5922b1722e8eaba43fe6e89aeeec08119ed9bb28adb1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=180
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 13:28:47 GMT
etag: "2e912-ZaaWgC3KxZLhp2taah0UYzl+W9c"
expires: Tue, 19 Dec 2023 13:31:47 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Tue, 19 Dec 2023 13:28:47 GMT
Location: https://www.xgcartoon.com/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 136ms
68ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 13:28:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73141
x-xss-protection: 0
server: sffe
etag: "20620290c9309704"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Dec 2023 13:28:48 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 97ms
29ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 13:28:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23125
x-xss-protection: 0
server: sffe
etag: "03885caa855825de"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Dec 2023 13:28:48 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 106ms
57ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 13:28:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9459
x-xss-protection: 0
server: sffe
etag: "8a483731af74fd28"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Dec 2023 13:28:48 GMT

GET
H2 200 amp-base-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 33 KB
9 KB 129ms
80ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-base-carousel-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34abd1b18255edb3600bc9af8c9ddee862998331a1e1eff341ccd221d74c5c5f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 13:28:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9144
x-xss-protection: 0
server: sffe
etag: "07d6224a0bda3843"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Dec 2023 13:28:48 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
15 KB 111ms
62ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-form-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 13:28:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14979
x-xss-protection: 0
server: sffe
etag: "5c37322451a9f07d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Dec 2023 13:28:48 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 97ms
48ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 13:28:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15383
x-xss-protection: 0
server: sffe
etag: "10ecb1b2e6eeaabe"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Dec 2023 13:28:48 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 13:28:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10344
x-xss-protection: 0
server: sffe
etag: "710c75735c511774"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Dec 2023 13:28:48 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 263ms
263ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 13:28:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
server: sffe
etag: "f62e83b3b94bc414"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Dec 2023 13:28:48 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 13:28:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4740
x-xss-protection: 0
server: sffe
etag: "e23d2a0d990fab56"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 19 Dec 2023 13:28:48 GMT

GET
H2 200 /
c.statcounter.com/12916097/0/c55d9f9f/1/ 49 B
470 B 210ms
152ms Image
image/gif 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.statcounter.com/12916097/0/c55d9f9f/1/
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 837ffda65bb89b4b-FRA
content-length: 49
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 logo.png
www.xgcartoon.com/img/ 13 KB
13 KB 229ms
229ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/logo.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
last-modified: Sun, 28 Aug 2022 14:10:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"3473-182e4ca3706"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 13427
expires: Tue, 19 Dec 2023 13:31:48 GMT

GET
H2 200 stay.png
www.xgcartoon.com/img/ 128 B
325 B 227ms
227ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/stay.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 14c55deaf7ebe64eb047f2deeff0f12615193ff170e0693bebd2b51991751bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
last-modified: Fri, 02 Dec 2022 17:11:13 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"80-184d3d21b68"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 128
expires: Tue, 19 Dec 2023 13:31:48 GMT

GET
H2 200 up.png
www.xgcartoon.com/img/ 232 B
428 B 225ms
225ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/up.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 13e6a7a86b66aec6cc0cf1441a042fa7beaedbab5dc996b0341301518a1f55af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
last-modified: Fri, 02 Dec 2022 17:10:45 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"e8-184d3d1ae08"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 232
expires: Tue, 19 Dec 2023 13:31:48 GMT

GET
H2 200 down.png
www.xgcartoon.com/img/ 266 B
463 B 226ms
226ms Image
image/png 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xgcartoon.com/img/down.png
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2661dcb6bfa9b71c39c54788bde5ea88003db9f7384c04e66d6f7926fdba8894

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
last-modified: Fri, 02 Dec 2022 17:11:00 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"10a-184d3d1e8a0"
content-type: image/png
cache-control: max-age=180
accept-ranges: bytes
content-length: 266
expires: Tue, 19 Dec 2023 13:31:48 GMT

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa3ecba51fcbe3806a57d12638c9e2760902fef8faa7bfc5b4e0214ed36848b7

Request headers

Referer
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 daxiaojiehekanmenquandaxiaojieyukanmenquanriyu-chuchun.jpg
static-a.xgcartoon.com/coverw/ 5 KB
5 KB 111ms
50ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/daxiaojiehekanmenquandaxiaojieyukanmenquanriyu-chuchun.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf8320abe90f0b566bbb7997c1d5269403a16be82145d4935efd96c369878f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65713
content-length: 4716
cf-bgj: h2pri
last-modified: Sat, 30 Sep 2023 08:19:42 GMT
server: cloudflare
etag: "06A0B0309BA981980693FF16BB713B42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmYxvT0LF9kXvh%2Bg2TrYg6rhafA69EKeIx%2BTuiVcy3xJ72TjMRAplQ5f8xt21gWaezlnPm58i%2FRxbuFhHm89UXKICorQ0q6vnLaHpcyWD0icWxb8Bcj55t9iMX4ooZIpM%2B2Hs0f73OwbCHxiptjQNA%2F7q80%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda7e82f3723-FRA
expires: Thu, 21 Dec 2023 03:12:10 GMT

GET
H2 200 xiangdangmaoxianzheqianwangdoushidenverchengweisjixiangdangmaoxianzhedenverdaodadoushidangledengjisdemaoxianzheriyu-mensishijia.jpg
static-a.xgcartoon.com/coverw/ 88 KB
89 KB 109ms
49ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/xiangdangmaoxianzheqianwangdoushidenverchengweisjixiangdangmaoxianzhedenverdaodadoushidangledengjisdemaoxianzheriyu-mensishijia.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10e358711eab7bbdacde3e4d3eb925d04438f07358f0dad5d22a8818fc9771c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Sep 2023 08:22:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65713
etag: "20979B22CCCCF2F971F5EA653CDD5998"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLgHsyTT0zlAUoFttaBIXDYAaO8uniU7qDj6NLeBzvAiD4eaWZ4SS6x23liIftRKqE3Jz8GVBXyZOgGIrafHBqOua16J1qBdJKdIhb%2FcpqwpwoSdr%2B9HFZDN7atFG4atWRCXGZ%2B%2F2gIf1X11LBt1wwqis%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda7e82c3723-FRA
content-length: 90509
expires: Tue, 19 Dec 2023 02:28:25 GMT

GET
H2 200 zangsongdefulilianzangsongzhefulilianriyu-shantianzhongren.jpg
static-a.xgcartoon.com/coverw/ 16 KB
16 KB 110ms
50ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/zangsongdefulilianzangsongzhefulilianriyu-shantianzhongren.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef4d8e305ba6d28a0b9efb307e16112274ace9cbc43c0a760913eb9a0881c30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167056
content-length: 16110
cf-bgj: h2pri
last-modified: Sat, 30 Sep 2023 08:24:34 GMT
server: cloudflare
etag: "EE150326E2ECFC4798E42590D0D49BD4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvsgHZgommWdllbhobKLI5u3BJsVDHNPT%2FktSRmnFZTg3Nu1dny6NZ0VZdno4heWo66avcjKlE7DmAJG3xYLrEaopVG74jBNUc%2BjzBTLBSFECRVFo0IKcBm2sh5iY4uosGxedDbsYPx%2BHAfcPuFc34mrqwA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda7e8263723-FRA
expires: Wed, 20 Dec 2023 01:17:52 GMT

GET
H2 200 shoulongrenlagenaragna_crimsonriyu-xiaolindashu.jpg
static-a.xgcartoon.com/coverw/ 10 KB
10 KB 111ms
50ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/shoulongrenlagenaragna_crimsonriyu-xiaolindashu.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea7fca64b1f5e4f08b3a996a528b5cb1d3305956dec7502ee9c4f59f1c8762e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65709
content-length: 9975
cf-bgj: h2pri
last-modified: Mon, 02 Oct 2023 08:10:12 GMT
server: cloudflare
etag: "FD3AC5333F8DC9ED14A57DF2658F75A1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAM90xC7S0VvmAhCdpRPt1%2FF54QwalyTISwkjY1U4IuaQZ0LHBJeLGxpN%2BhvXI7Phtt2fMkU5rpM%2FOa1NPfFEIFBCzWXyVLuET%2BZnHfKx7Cj2DXkaTHcdQmlV%2Fy3ZdYzV4kyY7hS3H%2FkUpCcQlCD%2BHvTZjA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda7f8543723-FRA
expires: Thu, 21 Dec 2023 06:23:03 GMT

GET
H2 200 lieyanxianfeng_jiuguodejuyixiaofangyuantesouzudawu_jiuguodejusebuduiriyu-cengtianzhengren.jpg
static-a.xgcartoon.com/coverw/ 54 KB
55 KB 89ms
29ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/lieyanxianfeng_jiuguodejuyixiaofangyuantesouzudawu_jiuguodejusebuduiriyu-cengtianzhengren.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa1f27152e0d87361b0db046cae89137d3f1be8c804a2b77885e2c2ca1c8425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 08:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 80036
etag: "3B5E13E18911DA3FA9DC123A1FB1B960"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylqao%2F8S8vAYeOhQlzv%2FOxGV0qF0E6oMKXwM%2FrflZnJg2ZTX8VFG8uFcnimqgP5u2NvXsAoZ9zerjtXwjFw0PIPlq374f6o%2BMpoZlkHw%2Fm3at52NTJB%2FLPo2imsW7EMwrs3drQzLOI2Nd1I0IIxn5k1B51I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda7e8253723-FRA
content-length: 55378
expires: Wed, 20 Dec 2023 02:46:31 GMT

GET
H2 200 duizhangxiaoyiriyu-gaoqiaoyangyi.jpg
static-a.xgcartoon.com/coverw/ 84 KB
85 KB 110ms
50ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/duizhangxiaoyiriyu-gaoqiaoyangyi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505587c1162ef2d4af495312c860628d42fdd2b3f5536834468b6c7ed186f070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 09:17:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65707
etag: "9A55809126B6D6B5EB739038022074EC"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jBZdQ72h6mxWAaMW8pfNG66N%2FHdFtKazpM3SFUayR5EleHl29drpHJDhsdLscc3nbXPAaDlrP4ZAEkQnujxiWNa%2FfIEdQhep3pJ5VHGSHSzmxdXcSmsy6E8kriYfWxhltyKDdMDAfTlV6K%2FFC2gx%2FLrfeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda7e82e3723-FRA
content-length: 86154
expires: Tue, 19 Dec 2023 04:07:05 GMT

GET
H2 200 overtakechaocheriyu-gaoshan.jpg
static-a.xgcartoon.com/coverw/ 54 KB
55 KB 106ms
49ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/overtakechaocheriyu-gaoshan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521f6fc33d7ede7524e5263c613a5db8df62c4a73a16a8147fdb385a88ec5350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 09:20:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65706
etag: "2C1FAA685607ABAD7AE0057667AAFFCF"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mutEFCckp3vCnat70Q4ZNO1GaS7TIxPFU3K70Mee%2F4dH1dNpN%2BgfBA2DeQsYCca8X%2Fqu6NwIYMjK4Df48ZZdVNOVPHMPpOfi9ymhkHwO%2F%2FrDZc7x6%2B2LnoN8EYdJ2Q0FMlT5ZaiPnE5SuyKZKMe6gW4tsPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda7e8273723-FRA
content-length: 55610
expires: Tue, 19 Dec 2023 22:06:20 GMT

GET
H2 200 aotumonvdeqinzirichangaotumonvdemunvgushiriyu-jitianmeihe.jpg
static-a.xgcartoon.com/coverw/ 69 KB
69 KB 108ms
51ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/aotumonvdeqinzirichangaotumonvdemunvgushiriyu-jitianmeihe.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce64723f400800084733cca3c44b432a1e33fe5df837915a477dab99dea9152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 09:26:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166901
etag: "575242576A34933AC4A524902C85872A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1P3bVx1dn8FcsI3RYzVgJTBUnmQrGcPylh9gZUQZGIt3AJORTxqfC%2Bgx0YaZNQJ0gO2laF8Yd%2Fz3UB6obweG8Y0BKEup4bzyVbHlvb8wZLqfgJX%2B6XIPE2lVi3nx%2Ff9p%2Fxklqh3YzB4tO7hU6bOIoKMqMcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda7f8513723-FRA
content-length: 70628
expires: Sun, 17 Dec 2023 22:16:34 GMT

GET
H2 200 nitianxieshen4kguoyu-huoxingyinli.jpg
static-a.xgcartoon.com/coverw/ 69 KB
70 KB 1149ms
1145ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/nitianxieshen4kguoyu-huoxingyinli.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fefd09345b668fc2c8be2e1dac0e5fdad0e037db84b07962c0ef5ddb6c804b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
cf-cache-status: HIT
last-modified: Sat, 28 Oct 2023 05:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "F936B0D930357EB1420E8E7692165EB9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZlAqrCRnyC8O%2FojRLm40Tymg8HIqGuN1dV7fNjyWSZyLc0kj8lnLB10F8k8smvxfFjyI9Dvg3hez3KQ5lxSJaS%2BMwI9hD5hMFBTVMRLAchxa211MpY5DhCqS%2FiHCUHTCMKO50VzpcJW5wX0CNOy9UqO7rM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda808563723-FRA
content-length: 70665
expires: Wed, 20 Dec 2023 02:21:28 GMT

GET
H2 200 shenzangguoyu-dayan.jpg
static-a.xgcartoon.com/coverw/ 72 KB
73 KB 53ms
49ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/shenzangguoyu-dayan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72e0e53345dad9730c52f80ac573b1103553bf860bdb97e682d214825211d766

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 06:29:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166898
etag: "8B2E7F73113DA565259B2CDD64B45FBD"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hi4Jbs21pPh2nAs82Bn3%2BO1fa%2Fbmbs3oU3MoZdxTCxbdJfEcE9WHuegftRLQcj9JAVK2gaO09ETzfYgZ%2F9yvYxHB9pQC5XI0iLZ6iISYbPst%2FaB%2F3wJetOKQJ1RCwMCqG3FshJKAFKCPCiUOWxfi95T6MfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda808583723-FRA
content-length: 73923
expires: Mon, 18 Dec 2023 08:31:45 GMT

GET
H2 200 niderenshengshiwolaichileguoyu-puzhong.jpg
static-a.xgcartoon.com/coverw/ 69 KB
70 KB 1083ms
1079ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/niderenshengshiwolaichileguoyu-puzhong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60e5a59bd06924e897f3f8170823db5fa4919204438357172aa470e442232aeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 06:26:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "D1F869A30C9222443C3580CB6EB4023D"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FFb7sy9vwqUsyMotU65T4uqtX4LPhBOBCyAaSDYdVeLZkPCUyY6pEnBdM9JlA0UI9U68nUTqQiGLcK51d0fg1ptOaijhYlF7DKTgdLMKpE1KqnXe5LYqA4rw54hTR5Qj8blLwl6teIbeeaWBeUPnifIako%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda808593723-FRA
content-length: 70747
expires: Thu, 21 Dec 2023 08:18:26 GMT

GET
H2 200 jinzhanfashiguoyu-hudielan.jpg
static-a.xgcartoon.com/coverw/ 61 KB
61 KB 54ms
50ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/jinzhanfashiguoyu-hudielan.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f33a2f5f25c391fc75150a3034ebd6ac072945f97ecb572df2ba5ace685c023f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 09:52:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65704
etag: "B6CF6BA8847A9E051A54B308570DEB2D"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfTyChPSgUKGaqvumdW4ZlT5TBQQSaX%2FxlA2kvmnI4SwQewjBu65glFGzdVp%2Fp9pJzPFIW4%2Baj775OutjZVqyZp5sjUQ%2BB81engEkEDwU%2FEngDRz80BMbt0J20UdKq6Clq%2F0%2BpzUoyVnNMkCjBJcYuTe7Uk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8085b3723-FRA
content-length: 61986
expires: Thu, 21 Dec 2023 01:24:18 GMT

GET
H2 200 wushuangshuguoyu-qieyingshi.jpg
static-a.xgcartoon.com/coverw/ 64 KB
65 KB 35ms
31ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wushuangshuguoyu-qieyingshi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f41cdc29fad9db0b0ff1c365d9cee36da396346538b001d566a66f261be39df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Fri, 10 Nov 2023 09:50:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65703
etag: "ED0F7E96FB240E4CC6EBFFD4151AEE35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Expu1GUXllVDEhpN8QrcIuk5Q7OqLMAYPKNRtY%2Fb5Erl2c9dOOHVyHgStCYRYe2sq5XGjGp8BSi%2Fjtvx1jA3i5iJuAMAwqy02VC8j0vvnSTiEwUmvnhejW%2Bn2Nezq9Pg5dmGlTK6p6fdB%2FjI%2BSUHGYnTS58%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8085c3723-FRA
content-length: 65892
expires: Tue, 19 Dec 2023 02:04:51 GMT

GET
H2 200 aoshijiuzhongtianguoyu-fenglingtianxia.jpg
static-a.xgcartoon.com/coverw/ 86 KB
86 KB 55ms
51ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/aoshijiuzhongtianguoyu-fenglingtianxia.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9482ef22ac0ff1fe12c7df21d2142a15aa40b0b58b746887ed7357324f26d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Tue, 17 Oct 2023 02:45:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65701
etag: "1BE8883BDD9CBA199D68ABA0421068A8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUQhR04NkJ2rxNFT588dFTUtbUJEWtVsYZxiaUj03BzQ8RIhPFFZyXSstu5C%2BesKEEpaXT%2FbGhrGnpNVKPn4ALuMZ0X%2FcPUN1b%2FPB%2FBatoroLwAd9MaXytFIhzQqVkrwEsI6yHt0PVDm6hk514m1AcrNy%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8085e3723-FRA
content-length: 87840
expires: Wed, 20 Dec 2023 01:12:57 GMT

GET
H2 200 wudongqiankunguoyu-tiancantudou.jpg
static-a.xgcartoon.com/coverw/ 80 KB
80 KB 35ms
31ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wudongqiankunguoyu-tiancantudou.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e51caf5c4f4e84fbdb340685b602bea060d4d87fab53f01f6a6f7ccb80cc489e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 05:58:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65702
etag: "668C6F4FB565F1B929E65BF6F1705C33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWe3N3YLziwSFXlUvdc5SEvzgvH3zHVJ7fuEa2URY1ehZ48JX9FnnsJMNXidqQvkPlaXTQ0fWcaz3NX0UaYI0yCbijAhLSx78pYIeruJ2063sEmlvSzP3uwY2XFH8YyBkfAbT795Rh%2FwbUD%2BOgiKaQU9aYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8085f3723-FRA
content-length: 81817
expires: Thu, 21 Dec 2023 09:56:46 GMT

GET
H2 200 busibumieguoyu-chendong.jpg
static-a.xgcartoon.com/coverw/ 79 KB
80 KB 54ms
51ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/busibumieguoyu-chendong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff146c82166afe0cf2e272fad7c1949b5cb6fbecffd3a5837d85a176f1759951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 05:55:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65701
etag: "35B0403C3C5AC915F6C73E135A428314"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gq8GAcTpKo9yDO%2FoJDIhsqhfwMpatCxMWYgW1NwmmuSg4Xrxg9WjdwFiPCy0nQh%2Fj1%2BQVv5y7s0FUVIv6eORdZUP%2Fb0QAG%2B2FQuiCgvqoxwhARS0EinFFiLAJvTtzjgNdJJX2Lsy%2BQA910NTIp9%2BovTbCIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda808613723-FRA
content-length: 80972
expires: Thu, 21 Dec 2023 09:25:42 GMT

GET
H2 200 lingzunzhizi_dongtaimanhua-aiqiyi.jpg
static-a.xgcartoon.com/coverw/ 82 KB
82 KB 52ms
49ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/lingzunzhizi_dongtaimanhua-aiqiyi.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68d446f318242cb483c1404fb248a100ef152a579492b23752b4427954a096a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:23:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65701
etag: "948315BB2FB857884F1561F688E6F27C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huefw8pxQJabv0O1A5aMGFljIpi7eGiqUqCLEcp92XyPaeq5pbcjm3d8QMlQX0VEiuTUGInd5F6uFjig4gbphQNYyb3yOEUUZtRX2onG2YN%2FB%2FkT%2Bir9RJVsoVurDLoIKZKSX8xyX1QL%2FIgcI1FgyT6azZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda808633723-FRA
content-length: 83567
expires: Tue, 19 Dec 2023 03:20:54 GMT

GET
H2 200 bahuangjianzun_dongtaimanhua-woheningmengnai.jpg
static-a.xgcartoon.com/coverw/ 80 KB
81 KB 470ms
467ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/bahuangjianzun_dongtaimanhua-woheningmengnai.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41060dd159c926287487f50a2d8e583c8c72e6121d1f5ffdc626dc6cf6bf4efa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:25:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "A7D9B45ECA968201355BB03F8CB2FF18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yOh6QP%2B1V%2FCZhGBTpSc7BN7Ah856Z7S%2Fz8whaZjXHJ1qNWDHHiG4I3R1JL%2Bj%2FFZHLuZFylrTCFOdxzoi302gqpR2k2b2iFj8BG7MNtVL64OCIZLU5MdzbC0IzTkWU%2BfxVPeReZeNNNqlTvybLL6xE58y7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda808643723-FRA
content-length: 82157
expires: Fri, 22 Dec 2023 03:23:23 GMT

GET
H2 200 chenshuiwangu_chushihengtuizhutian_dongtaimanhua-taerxisidongman.jpg
static-a.xgcartoon.com/coverw/ 79 KB
80 KB 54ms
51ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/chenshuiwangu_chushihengtuizhutian_dongtaimanhua-taerxisidongman.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad8677457876f632db38d31886a4f65dfeb50037c421ed20a9918fe60293585c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:26:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65701
etag: "189EC241E3F4BF6B48B573CFB959DA03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTWbnx8AJKt1re1B53ZctfqVFeCyGuAtao9BVuZi6MPsITPbJmqZXN2VRO5lQLb6iip9iuUPKqiWGaMCqdTfSGXvgbAwmc%2FF0LLKqltR7%2BiC8qA2jYME8U%2FRjuToaQlH%2F2RNtmsBkXC9ZxvvBB7hDFmbaCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda808663723-FRA
content-length: 81101
expires: Thu, 21 Dec 2023 02:09:14 GMT

GET
H2 200 kaijuqiangwenliekounv_dongtaimanhua-xiangtianxigua.jpg
static-a.xgcartoon.com/coverw/ 81 KB
82 KB 53ms
50ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/kaijuqiangwenliekounv_dongtaimanhua-xiangtianxigua.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a343a1840f00a5db5891891069d57a2af26f4c1b80be9098252cadcca0b4e6bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:29:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65701
etag: "441C7D9C48ADD92C56645F75112A1835"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RA28ClXxQm5Z3S5XSMDcahS7NOcSMYG8gokLeKPFHWdulvexOLjgvuWyYnTPA%2FlNm46XLzq6TfXQQ1tVa3aIKJn0egyWYhyAcU%2FJr6oavEib14kNgGbmhmt5Ko1nzS9p0VmFnGi%2F17%2BPeIGdviRti%2BiirJs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda808693723-FRA
content-length: 82987
expires: Thu, 21 Dec 2023 02:09:14 GMT

GET
H2 200 wangulongshen_dongtaimanhua-paipailong.jpg
static-a.xgcartoon.com/coverw/ 81 KB
81 KB 53ms
50ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wangulongshen_dongtaimanhua-paipailong.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89f365a523630bea5ea3533ec5c06b7db2297d14ccf662fe90aeba69d9ac3158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:32:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65701
etag: "39B918AEBD42D0FFC27FD6399F76C99B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3888TEoCLpQDx35%2F5BIdOE%2BYCdT4HfQvDad7I7JJBhbB3DOStXpOP3Bqhm5EKCAtBQELQ1jbwPiVJbOqdOSDJFKMj0Gm47g3OJw7G8EhVgYZPu2YmISa3PsorwCjVzjkNr%2BiHJSlEWvbojUlkx9C7kDLm84%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8086a3723-FRA
content-length: 82534
expires: Tue, 19 Dec 2023 03:20:53 GMT

GET
H2 200 wozaiyijiedeshishenzhilu_dongtaimanhua-neoman.jpg
static-a.xgcartoon.com/coverw/ 89 KB
89 KB 51ms
48ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wozaiyijiedeshishenzhilu_dongtaimanhua-neoman.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f59a24724025aaa808fdcb5db803d2127feba310c2acf9acb0e5365b9a2b8809

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:33:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65701
etag: "68B22A30E6B66C3A18BF426483A1D988"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LejFLry0IvvXACP9njtYW8SlqybnSplLgF3y0EeqnUwbL4BMaWJHY98Ph2vaLhRctzB3FCLJmlDbqwXSgF0S5LKy3iFkkNUXeFdPwqV9%2FvObd8kMUWPf5kDtUbXoycvi%2FbV0HEYvN88x98RbVIR4pzK4goI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8086b3723-FRA
content-length: 90958
expires: Thu, 21 Dec 2023 04:04:56 GMT

GET
H2 200 wosongkuaidiyoushenhaojiangli_dongtaimanhua4k-chuibuqidepaopao.jpg
static-a.xgcartoon.com/coverw/ 66 KB
66 KB 52ms
49ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/wosongkuaidiyoushenhaojiangli_dongtaimanhua4k-chuibuqidepaopao.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af2b3c44d498d4ca737d2fbc0acdc882fc81ec81afc4c1b7d8548f9b52f64a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65695
etag: "BAB8ABA6F4F3ABBE8F4305EFABA84344"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0ig%2FKprSkWkIJ0lFN8O5ZH8PyLvoXUmolmvZNak8Gdebxd8kZZ3sQA4hEz3daLXeJzMsVrugUxQ0emL7SpoobNDrMCrJpKXHoK0nK2wUiTBs7KiWJ0RfyaFNsbZC0z68%2BhzawmJsA1ZUC02awgfTJCdRe4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8086c3723-FRA
content-length: 67545
expires: Wed, 20 Dec 2023 03:50:06 GMT

GET
H2 200 zhanzhufengzhidajie_dongtaimanhua-manshengongchuang.jpg
static-a.xgcartoon.com/coverw/ 76 KB
76 KB 52ms
48ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/zhanzhufengzhidajie_dongtaimanhua-manshengongchuang.jpg?w=280&h=120&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1917b964380fc9d01d1e73a79c4d7cd4c0e9ae2a34ae63ddbcd65cea655e9a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 23:36:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65694
etag: "7B438FF2C085D78C499DB5A0F124083F"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mT%2FLiRqgAC9LtRrZ5cUVVU3dYtxbksLgzOjZ6ZCWAVZzsFPFgTdOubixsWsaNnucCD%2FVNQGZWDAig7JvztdRnEEv%2BGb8GsAwNwHQgmBRE9Ca4SnR27bHnregaCBsz0adpJmbGIhiOCa9GHnw4UUBePv9qC0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8086e3723-FRA
content-length: 77699
expires: Wed, 20 Dec 2023 03:40:03 GMT

GET
H2 200 senlinhaoxiaoziriyu-zuotengzheng.jpg
static-a.xgcartoon.com/cover/ 27 KB
27 KB 53ms
50ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/senlinhaoxiaoziriyu-zuotengzheng.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7abe4ef543f967bd6fbc94fc40b81fd8a19428d105ba4d20d6f31783e81f74b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65693
content-length: 27507
cf-bgj: h2pri
last-modified: Tue, 18 Oct 2022 02:11:53 GMT
server: cloudflare
etag: "909670C9E71ED1B7F387FB0F463E740B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aB9EhJBgIoSWBvFzx26xWooPBumxDkhiN0ttMnTdSrMDn1V2KrVz2NdDjXdl7gA0ZRQunUL9Wvzg162gdGuX1gjvM%2BcI%2F%2Bgpkbxqgv00Mb%2B3ZSfKcLA0g%2FwEwVuoyR8Tnumzy8gPmC2X%2B4Tj2f4luYkQFE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda808703723-FRA
expires: Thu, 21 Dec 2023 03:22:11 GMT

GET
H2 200 yiqidangqian_1-7jiriyu-datianhuangyi.jpg
static-a.xgcartoon.com/cover/ 127 KB
127 KB 375ms
372ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yiqidangqian_1-7jiriyu-datianhuangyi.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a1f2d2b3af5842dc4b63539230c2fdfef285afd76c1304d327daa0b51cd575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Feb 2023 03:03:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "D12842BD1DAE25B413459A3FCFCC546B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsuqd57zlQpviKnRRjgQ98Q%2Fa2jWA4BonP9qj3q%2Ftb6df3wQDZ1sOANpz37OHTAi069iAyVpEa0mO4%2BMbQm2Wkio5uURgW8mLd0L2%2Bp0IsIpZySmVBYxhjgOZP0OIFn7LGIfab%2Fh7%2BQG2lDmQLtx0hOY2uk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda808713723-FRA
content-length: 129796
expires: Fri, 22 Dec 2023 00:13:33 GMT

GET
H2 200 shanzhangzhuonongdegaomutongxue_di1jiriyu-shanbenchongyilang.jpg
static-a.xgcartoon.com/cover/ 132 KB
132 KB 71ms
68ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/shanzhangzhuonongdegaomutongxue_di1jiriyu-shanbenchongyilang.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed841005c6fd7c9bd183a289bb9e7bc9c7a85e90d370bfb9eb42f440b7ede73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Tue, 30 Aug 2022 07:44:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65688
etag: "17421E25008222EDFE9BCBCEF2ADF721"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOpzF6zzLEZ316fKsvNvNhkSxXJ3wRdbx3i4iMugk%2FzaVkxI15NkNn1J2LFkkwOe1yaieCnWP2lO%2BgMsHc7W%2FJseJN8fgkwzEwQUvEUqNgpzJ8xiT%2BpF%2FqGWH%2BE4st2FXh%2BvDbeaNWYLWCR1CNXn0sWC0FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818893723-FRA
content-length: 134813
expires: Tue, 19 Dec 2023 23:24:58 GMT

GET
H2 200 maohelaoshutom_and_jerry_yuanbanpeiyin-migaomeidianyinggongsi.jpg
static-a.xgcartoon.com/cover/ 2 KB
2 KB 54ms
51ms Image
image/webp 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/maohelaoshutom_and_jerry_yuanbanpeiyin-migaomeidianyinggongsi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b0aa179f9950baa8375f953ee4a03b1606d0945ff3159dafa2c8bdcbb2d59f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Fri, 23 Sep 2022 01:41:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65693
etag: "E5E81A81EBECBC8D433B057AF25B6B0B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vAU9%2BE4TOViC%2BCkBpKu2NOQRDPz6LAY6fEbb8dXMbOHT5ZS6UWBiWO1V92NCs1W8aJgiN%2F39EGX8le8RDgUcmFeASaGj38BZVuQWeRyJ1aSR5mYzBusDSX534sRomP%2Fx6v5IQF4RFfbjVEEgrcQ551332w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8188c3723-FRA
content-length: 1816
expires: Tue, 19 Dec 2023 02:04:52 GMT

GET
H2 200 dawangbugaoxing_di2jiguoyu-shituzi.jpg
static-a.xgcartoon.com/cover/ 14 KB
14 KB 58ms
55ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/dawangbugaoxing_di2jiguoyu-shituzi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54eda68a8d6e9cf6039971639882c4b78f652fd47545a11a66bffc39df959e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 00:57:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65693
etag: "478FA90B6BC5A45142B686383C3AF18C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4orRjpKW7kc0GFK8DpiO4FLM8eP1vbIJvSpyPk6vfOLd0dOs%2Ba51eh7JJYWL38%2BiEcRQb83IDIWKotCxO0bxmQYsNaOBe7fo9JBkX5KMwL1OrmyJWkwdRs93u3PiPE8tliNQ0qd3VEEULJNjaSr%2FWKYe%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8188f3723-FRA
content-length: 13997
expires: Tue, 19 Dec 2023 02:56:31 GMT

GET
H2 200 ququbucai_zaixiayeguaiguoyu-yuanqiwadongman.jpg
static-a.xgcartoon.com/cover/ 15 KB
15 KB 56ms
53ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/ququbucai_zaixiayeguaiguoyu-yuanqiwadongman.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97d3325c01891167615327fef9cd173ac264f69bf526c15af006ad27f99eaf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 06:42:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65693
etag: "BEF514ECA2F8681E6F7AF4005C8CCDF2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yY6jQPfRwENlaSaf50lj91%2FCHxzL%2F9fQ0InhRpA1DXVzPWiIXwDvS8fsUCphGC9JuE%2FG3zhFYpEOYyOO1RU%2B6aWWmKoM9IWvR%2BYsf9RIUBjgpKvm3hWVDXWatwIubEU9zIWTObMa7H0UU1mSkYXegfJfmj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818923723-FRA
content-length: 15000
expires: Thu, 21 Dec 2023 02:09:31 GMT

GET
H2 200 yizhichonghun_dongtaimanhua-kuangshengdongman.jpg
static-a.xgcartoon.com/cover/ 11 KB
11 KB 57ms
54ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yizhichonghun_dongtaimanhua-kuangshengdongman.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbb41d948989c5c65e69966c145618e2db14c247ba6b92a6bb7bc62eb29ad634

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 07:07:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65693
etag: "C051EEA0B9C1600DB5216E34275CEF3F"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KidpbvQQYPhv%2Bn0mOPCS06znPK3HT2wgXQqmWB8pPLwkuvdZLgRVgjCJQXJv4%2F%2FxEkMvz0n6ne%2Fy1PufYEzghMRG994V3donprohRAX1TlXOhWwqXKpulfYrX1xXGOB0sjZVsfaqkDpYA2nowbsIdlxTExE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818933723-FRA
content-length: 10954
expires: Wed, 20 Dec 2023 02:31:13 GMT

GET
H2 200 wuxianwangzhexiaodui_dongtaimanhua-youkushipin.jpg
static-a.xgcartoon.com/cover/ 13 KB
14 KB 58ms
55ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wuxianwangzhexiaodui_dongtaimanhua-youkushipin.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a5e8e47f8c822a6b6949d92a6ae8666a793ba1f1a208f19b9cc696d560852cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Apr 2023 01:55:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65693
etag: "C8835D7A4279B9037D93823591E23FE4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vANHTh2QH0h0kM2rJ4KrYfUQEs3lqWwtFt0%2FxASxj6%2FRWfuxl78s2NuQ7ZOFfD2XHEa%2B54OOWRX%2FyTRysp1hhCAc2Sxe8JxuvZ7kzaIRNT81tnsXIZQ8rSBJxzfLRg2wJAFDJoik3MNTW9PGtceqtTfjn2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818953723-FRA
content-length: 13798
expires: Wed, 20 Dec 2023 23:25:06 GMT

GET
H2 200 xiudoumodaoshidiyiburiyu-shenbanyi.jpg
static-a.xgcartoon.com/cover/ 3 KB
3 KB 73ms
70ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/xiudoumodaoshidiyiburiyu-shenbanyi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45aff63862b7a85a48741e816ce3b9fdc7e2ea725e1f5989ceb47f502381a4d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65691
content-length: 2697
cf-bgj: h2pri
last-modified: Thu, 20 Oct 2022 04:56:35 GMT
server: cloudflare
etag: "F9364CF22F7C8152E974F570F4242ED6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPU5QXTIMCavtjb0z75086AKCqCuByCQBn%2BZVA1Jy7v0PMQd2enX%2BEDvwcTBTSTtjD7SoD3SXo0nlqOkZroqk0xzkgFBobz7XeLU75nQ9MvupBqMSjGbL68AoxynlgdTbOsjZYJSJ%2Bi%2BCfkTr4b6t1ykAt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818963723-FRA
expires: Tue, 19 Dec 2023 23:55:41 GMT

GET
H2 200 fangyuquankaiguoyu-loujia.jpg
static-a.xgcartoon.com/cover/ 12 KB
13 KB 71ms
69ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/fangyuquankaiguoyu-loujia.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 326db4ba0a99427d55bb9b9c42decc77d1d07a925a3c0bede1ad8e1f511c82f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sun, 07 May 2023 02:14:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65692
etag: "BF325C19368B0FE3C21FDC47FB7A32DE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYvOUppNftGSyceIO2bV7aLNGlAtXsP2lwDKG1LPJleGxsPeQuN1kHsLQ3c77Uj%2BLZeEyGIMC9uuhL4U4tYz4NDhM4nWSSEXgjVxoEu4PWuDsC%2F0p9dMT2AIh9xO7ZNbwcuF88cEhHGra5xLFG0f19JMl1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818973723-FRA
content-length: 12407
expires: Tue, 19 Dec 2023 02:54:11 GMT

GET
H2 200 mofajinshumulu-jinzhibo.jpg
static-a.xgcartoon.com/cover/ 3 KB
3 KB 72ms
69ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/mofajinshumulu-jinzhibo.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1550cde0e7d219960e9cb08513b187557f36f8492494b8aa84722533baa675c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65692
content-length: 2883
cf-bgj: h2pri
last-modified: Mon, 15 Aug 2022 18:13:29 GMT
server: cloudflare
etag: "9190D06529D3D2F33CF12DC938567CCF"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btL4Y0WrWNhZHwxnRa5WKP34JT%2FqHXbZvFtoXHLr7kNzs01tmITNETYLji1T9KQIICcuCgKARNfRwRdhsr8l3eoFjtXFeKof4RMPZpmSs1NjqpDsDmj%2BOsohwQ7KrAxcVkQhlloEBgo9QVQQcYhaXpVX0nU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8189a3723-FRA
expires: Wed, 20 Dec 2023 23:03:11 GMT

GET
H2 200 yishijiemigonglidehougongshenghuo_riyu-suwoshechi.jpg
static-a.xgcartoon.com/cover/ 2 KB
2 KB 72ms
69ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/yishijiemigonglidehougongshenghuo_riyu-suwoshechi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe364619ca5af89c1517dc71bb790c4b2fc8ad68e40828b73d35c01a057f2820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65692
content-length: 1896
cf-bgj: h2pri
last-modified: Tue, 20 Sep 2022 06:49:20 GMT
server: cloudflare
etag: "C4FF63CA5522451C13043B0A23C7D8F4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxzzmEurV3FnA5J9PlDXwfclp%2FroSqGzDZis%2FFG1L5C%2F0AYtqE%2Fnd6MkDOozdRSABXtf9i7TQZQD7HsHHQMspusjTU%2BYRQ2%2Bs4awBmQblfWWe4krn8lUSr5YUn%2FfJ9VV1kwWF%2F1TqPrgK%2BxHJTnbViC1hvI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8189c3723-FRA
expires: Tue, 19 Dec 2023 04:09:36 GMT

GET
H2 200 quanzhifashi_di1jiguoyu-guanzhenyu.jpg
static-a.xgcartoon.com/cover/ 13 KB
14 KB 73ms
71ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/quanzhifashi_di1jiguoyu-guanzhenyu.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4620eb8558321711185c5cf37ba11012a3d67617ab55060ce2ab0c7ebb1a5dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Fri, 05 May 2023 23:14:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65692
etag: "B9344F29FC35FDD5A32F6916143E46B8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWia89dTqhE%2BktIlRPeGmNAAJKUvHlXeex2RESOiVOzkak0j8CqwUf1VY6cZ5kpUxmBeGk9Hc0m98VoLk7ywdOwjap4CnWufs%2Bi%2BXT4f%2FKQSJ0yXTnWVelmXc9kQznDQXvqHrKWGnS17Fer0x4%2BEpp8K2cY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda8189e3723-FRA
content-length: 13786
expires: Tue, 19 Dec 2023 03:20:53 GMT

GET
H2 200 fufuyishanglianrenweimanriyu-jinwanyouji.jpg
static-a.xgcartoon.com/cover/ 2 KB
3 KB 74ms
71ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/fufuyishanglianrenweimanriyu-jinwanyouji.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6e1cc877a10a8eb6972d29ff997fcba4280ce42b896f3909cd932ba02fd5bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65685
content-length: 2390
cf-bgj: h2pri
last-modified: Fri, 11 Nov 2022 00:33:12 GMT
server: cloudflare
etag: "2C07F9FCE1FF84CA15BF3FAE2284DF91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgZw0wtPqBEwdNMIU%2BTVqeKmpmtk485xHQeGW%2BFrtVmrXO2mS2jMVILbBkieB660Ik6RuJaSJLUJP8Ce3V0z9jNeKOPU4gF5hnZCKCWQhDh13R8N6gsFHqfRNV3QHOuNTd0dLR0j%2Bb0T11zJrh7soWJbjHc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818a13723-FRA
expires: Thu, 21 Dec 2023 03:22:10 GMT

GET
H2 200 malajiaoshigtoriyu-tengzeheng.jpg
static-a.xgcartoon.com/cover/ 13 KB
13 KB 73ms
70ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/malajiaoshigtoriyu-tengzeheng.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c59cff9a64bddf2deaea3effeb952babb3a012d05e7b1d3ecde5212f7c17b9a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Thu, 01 Sep 2022 09:54:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65685
etag: "B643EC1285EBF7BEBB2FE21273DCA74D"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4hU6L5VzCcy%2FpiQDp04iAY8pj5y0njMmsasmYBtUmDJADlIwv7oFd7gVodd2HReMgs2sqWps177ABkhVY6LtlSBJ7WTYXJVEdXepPzWxV5%2BIPt3ps%2Bh8G8tL3NHnSllaGNcSg2dC3au8dWoEln0t%2FaCa3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818a53723-FRA
content-length: 13245
expires: Tue, 19 Dec 2023 03:20:53 GMT

GET
H2 200 meishaonvzhanshiriyu-wuneizhizi.jpg
static-a.xgcartoon.com/cover/ 5 KB
5 KB 73ms
70ms Image
image/webp 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/meishaonvzhanshiriyu-wuneizhizi.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d42553a5c5c21454807af7cec2bc459c0dcb08728f1175db01d196b2bdfc8bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Oct 2022 01:35:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65685
etag: "3E3669DCE08F269784F773A3A0BB30C8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mORVzdMMgG1RxScTy5OXBEcXLfleMUdlrViln7h5Y1rNB44aZW%2B%2BYBxtB%2F27e14J9dtUg%2BhQiSFA8UPbY4r%2BrNhWyi5qg%2BnXo5i9VV%2FbaqrjQJbvgVrrO%2Fi0Xk%2FY1p%2B8BZG5ID68F9iG2MGHjvdfBMhDbVA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818a73723-FRA
content-length: 4672
expires: Wed, 20 Dec 2023 23:03:10 GMT

GET
H2 200 tianjiachongqi_zongcaifurenxiuxiangtao_dongtaimanhua_di4ji-baicha.jpg
static-a.xgcartoon.com/cover/ 5 KB
5 KB 922ms
919ms Image
image/webp 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/tianjiachongqi_zongcaifurenxiuxiangtao_dongtaimanhua_di4ji-baicha.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3523fe0bfc26b6aea6ba24d933045d533972c56d98371a9ad2f952afa3af4465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 05:42:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8B570B4703DC81B4249B18FA260FEB03"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zprQI4c6rgkdbqUYbOT7L4K8u7B%2Fnwoi84oIarT90mN4TybH2IQnnH29x%2Bs0CXXSwH15v1mdfZFyNzrkU6eN7mWyFeO9mijT9ao3r7CttS1BPhuOu2WNFbXYkthETCHoocRd05huFKDhUWf5vqQuqmKQfjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818a93723-FRA
content-length: 4728
expires: Wed, 20 Dec 2023 05:51:25 GMT

GET
H2 200 zhongshengzhinuanhunqingchongqi_diyierji_dongtaimanhua-akewenhua.jpg
static-a.xgcartoon.com/cover/ 14 KB
14 KB 73ms
70ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/zhongshengzhinuanhunqingchongqi_diyierji_dongtaimanhua-akewenhua.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 847677e364f632a14b284e72e3b92d136e77486f4efccb0e81aa6d62432994cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sat, 15 Apr 2023 01:15:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65685
etag: "1A563ACA7CEF7E855881649900046C24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8DgYD521XnUDHEj4NnbDPGPqvGL0rXMJmRAMz8T%2BMB6izBchj59qqcSOMBV6AxWskXkK6noFNVWoyYAArSFYz8E7ai1kIkcrXiIWDGYoWEYSoX3dbebYk6Tda%2BXBV9xwSbX8yQ0Gn7jVYuJMjCOcT%2FVf7lA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818aa3723-FRA
content-length: 13852
expires: Tue, 19 Dec 2023 00:41:53 GMT

GET
H2 200 huoyingrenzhe-anbenqishi.jpg
static-a.xgcartoon.com/cover/ 20 KB
20 KB 927ms
924ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/huoyingrenzhe-anbenqishi.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb41f5f31d4b2911ad91b5b7b05131f006837a6c2bba64dc0659266107431f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sat, 17 Sep 2022 12:00:46 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "5BEBF4DF6CEFE84525479C0D9499BF6B"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rP6g0Dr3LBfe3178rD8Qh7Z8eQ%2B%2BBzgK95i0xNo2EFEv2cgldH2cEpA2KB200Y2qct4KFLuFuucxWBERAtTlglczJXOFgB6dRiOCAvB3u1YpRHYIckSkBRJZgIaY2ZQzecF%2B6ouSi1mhjCjaox81qCrbho%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818ac3723-FRA
content-length: 20074
expires: Fri, 22 Dec 2023 11:15:57 GMT

GET
H2 200 lingnengbaifenbai_di3jiriyu-lianjinglonghong.jpg
static-a.xgcartoon.com/cover/ 2 KB
3 KB 757ms
755ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/lingnengbaifenbai_di3jiriyu-lianjinglonghong.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b497840fdc78d638af40eccc2c9fd9006670503964b7b8d7d84c5f8062ef25d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Tue, 11 Oct 2022 10:49:35 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "79E4E799FC149BCB112B48BE58EA6B10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Um4sGWGc9FiStxIO3kHPtGYFgl5%2BZG%2FoWNuYz2Yk%2BU4L5H%2BoBAzE%2FMDLiSw0OFonG%2F0EjJ8jssZ5GAdceUyfx2NJ3yvkMoyzJ8llNPjwvypStpc4cevNjsORRr%2BzXtnebDpm%2FxKpCHhg7lnuQ%2FndsDppLE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818ad3723-FRA
content-length: 2301
expires: Wed, 20 Dec 2023 20:11:04 GMT

GET
H2 200 bulaizeaotemanchaorenblazarchaorenlibawangbuleisaguoyu-yuanguzhushihuishe.jpg
static-a.xgcartoon.com/cover/ 127 KB
127 KB 1187ms
1184ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/bulaizeaotemanchaorenblazarchaorenlibawangbuleisaguoyu-yuanguzhushihuishe.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d7e3dba795cc58a5bedbef6783f9e5151f51447f01b9e85e54bd16fb762cc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 06:03:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0446BB7F702C0E60EC9D518B32F179A0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyS317KrAh%2BiIaIkCeJy6YJ5Q1YGaJvWHCpG0yQlvuVquYypbmCx1AVbA%2B3Q9qgos7IZWnR8YMpWDbQVOm4R54Vy89Co3AXH2M296JhTosuHSKeQ6E4yFjR3FN431zJdPdszmuNtAW1DzQEQPvaOrwS%2BaiA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818af3723-FRA
content-length: 129743
expires: Thu, 21 Dec 2023 01:37:19 GMT

GET
H2 200 telijiaaotemanriyu-yuanguzhushihuishe.jpg
static-a.xgcartoon.com/cover/ 15 KB
16 KB 872ms
870ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/telijiaaotemanriyu-yuanguzhushihuishe.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dc8d4c8057500621917b3d88c33f534d917b03234c4716c04ca483e3dfdd69c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
cf-cache-status: HIT
last-modified: Thu, 16 Feb 2023 01:33:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "9484ECFE745A52D1CB3D1419C8357010"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8RbDHAJSJUelh4oE0%2BFmWQGQjcqbBrrwq%2BFL99qdnR1ezaLjNd61wFgZGfKC47Jg9tv3tJXkyLhTYR6Has5gZFLvlBAgarbrSFmwQwOdwHKWtfpvZOnTukK1JFTaWGJarGfS04H%2FmEPp12jobqLZT6QUzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818b13723-FRA
content-length: 15613
expires: Wed, 20 Dec 2023 03:03:29 GMT

GET
H2 200 youyoubaishu-fujianyibo.jpg
static-a.xgcartoon.com/cover/ 17 KB
18 KB 809ms
806ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/youyoubaishu-fujianyibo.jpg?w=330&h=160&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 753107f53fa7b6669aea9980a59cbbe59f0d21ded66bd2dabe9ddbc24ddcb2b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Sun, 07 Aug 2022 16:13:54 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "D7C5BA4A4C08A7C3445732535D7FFF06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3EBrLALtcyoEnJ1xyUK7A3qGNvXMMXYtnQrojYg9HgK9ykBL7rm7f7%2BDrMvUWZpo2%2FpdnOh0NSCGbGaw%2FUQfgLDuvZXh1b%2BUBIa5ibP3YPq8%2FFRqetXw4%2FJ5gPy7UuIPKO8y0meYAPCGjVN1EnWiXOGH7E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818b33723-FRA
content-length: 17505
expires: Thu, 21 Dec 2023 07:06:28 GMT

GET
H2 200 wanyufengshenguoyu-litinghe.jpg
static-a.xgcartoon.com/cover/ 13 KB
13 KB 982ms
980ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/cover/wanyufengshenguoyu-litinghe.jpg?w=72&h=72&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3be69c4d77cd568b0c2d360918d62e86b33abfe1b08a2bb2c6993235a67d264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 07:15:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "D3F7A84E6AF7F1EEF2956FB7592AC66C"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQfIj42%2BPBtWJOAbui5Sw5d9fDfmhxt0mhyZhSU8egw610tCW5dKa%2B8lUhZUPsE0Swt2ecXZbyWlmw%2B7gpox1a6I8JJ8yTbt%2Bi8NWC75GNKXXNq2pH62CJXOQf0YZY1IvU%2BKERG3s9Fs8zUQsp5nVI7yDgA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda818b43723-FRA
content-length: 13324
expires: Fri, 22 Dec 2023 05:38:18 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 8 KB
3 KB 67ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Dec 2023 17:16:22 GMT
age: 591146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
server: sffe
etag: "a9f93cfafa19b094"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Dec 2024 17:16:22 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 237 KB
62 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Dec 2023 17:16:22 GMT
age: 591146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63654
x-xss-protection: 0
server: sffe
etag: "7d5e78ba8c7d5e5d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Dec 2024 17:16:22 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012312012346000/v0/ 12 KB
4 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Origin: https://www.xgcartoon.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Dec 2023 17:16:22 GMT
age: 591146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3942
x-xss-protection: 0
server: sffe
etag: "4694a1430564add5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Dec 2024 17:16:22 GMT

GET
H2 200 mingzhentankenanjuchangbanhejiriyu-qingshangangchang.jpg
static-a.xgcartoon.com/coverw/ 76 KB
77 KB 60ms
49ms Image
image/jpeg 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/mingzhentankenanjuchangbanhejiriyu-qingshangangchang.jpg?w=780&h=376&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a9476ddc842ed2592539716ef20aa025c571793b66f9c23ac206d11aa52e76f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80036
content-length: 77957
cf-bgj: h2pri
last-modified: Wed, 29 Nov 2023 13:02:59 GMT
server: cloudflare
etag: "4FFEE1300AD48B525CF8F6E3046C0AB4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7cnzPKZk7Elu%2FiKLk%2FjqcuepVzilkMMs32YKtETccAaK8b4N8nJna%2Bbi8ehY4YBBrn8r%2B%2F9Lq%2FvOwRDX2zMnI7OT%2F%2FQVLO2Kx9gDMVw5La77W2%2FbA63hHKJv0d4%2BzQZQIlKJHGwGH0om8YCKRmBJ5%2FsW2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda7e82a3723-FRA
expires: Thu, 21 Dec 2023 07:39:07 GMT

GET
H2 200 jiandieguojiajia_diyijiriyu-yuantengdazai.jpg
static-a.xgcartoon.com/coverw/ 395 KB
396 KB 41ms
30ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/jiandieguojiajia_diyijiriyu-yuantengdazai.jpg?w=780&h=376&q=100
Requested by: Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c47d3627bd81682d8314d37d4e5f1f025ac1cb3be92bfff56bdc214791576555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:48 GMT
cf-cache-status: HIT
last-modified: Sun, 08 Oct 2023 09:05:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65711
etag: "249543CA39CA3B181E904028C2F0F379"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ymg5%2Bfbks7wFLigSre9BFc%2BBbWGq%2FLfFGJHn3MEFCs8oxIef%2FQ6rhi3p8n635wyQiIyP59%2B4KpfH2DYYInEFzfiMBCtDhpooDYUBJjTLZabT3N9QkiwiLwT1IM6Ba8qSWhRnFJXCaS32J3KWAhc6m2%2FOyQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffda7e8293723-FRA
content-length: 404248
expires: Thu, 21 Dec 2023 03:52:15 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 155 KB
43 KB 3177ms
3123ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_header&adk=807729522&sz=728x90%7C728x90&output=html&impl=ifr&ifi=1&msz=1200x-1&psz=1200x-1&fws=4&adf=1363681995&nhd=0&adx=436&ady=80&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528674&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=367&dtd=6&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9044c1f5517e5d398e6fae473f109c1087a5ed6f35a193affc79931a2dc85d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43652
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CKr8kcfNm4MDFW4jVQgdOYYOFA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 2793ms
2739ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_1&adk=1345413239&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x100%7C320x50%7C300x250%7C300x100%7C300x50&output=html&impl=ifr&ifi=2&fluid=height&msz=0x-1&psz=0x-1&fws=4&adf=842741550&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528674&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=367&dtd=6&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c87438af538355fb31763dfc58e09aee52c9096b0f3ce6b3909a35b2a589141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
x-creativesize: 320x50
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13663
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CIrK7sXNm4MDFd4mVQgdMiMPxg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027455953
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 141 KB
43 KB 2433ms
2383ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_1&adk=997395249&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=3&fluid=height&msz=1200x-1&psz=1200x-1&fws=4&adf=4107419727&nhd=0&adx=800&ady=637&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528674&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=367&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

702b9456ddc2e5e24be3f79379ba52e66bc7e8db235469a7c53f2c3b327ae57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1200x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43382
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CJLw48bNm4MDFUOhewodKuEHFg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 3138ms
3088ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1425218679&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=4&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=3343197514&nhd=0&adx=800&ady=2269&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528674&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=367&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57bd5fc8348c295a6a6aa58634a6850f1539ce4468bf2b7ee3c9cc1db0cacbef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
x-creativesize: 728x90
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CLbW7sXNm4MDFQqwewodVOcHlg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324260118
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 2524ms
2474ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_2&adk=665818911&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=5&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=2267600489&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528674&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=367&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a48564d04daf471e99a45c9da8bf6ce686ad25ff3398a3685343734e958231b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 320x100
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13664
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CN7D7sXNm4MDFQngEQgdf7UIXA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027453793
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 142 KB
42 KB 1430ms
1381ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=3860582034&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=6&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=757795631&nhd=0&adx=800&ady=3232&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528674&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=367&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7afc83eb08fc8099f9cb39d16020db192e883ed05c7a17bd8f498bb245d6a655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1220x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43265
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CNaarsbNm4MDFXkmVQgdhqUKRg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 888ms
839ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=1395775898&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=7&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=66028269&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528675&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=368&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0201b79c190132252c7b83b308c3eedf1ae9703c843f79e1dc0e16bd999647c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 300x250
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13662
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CJqp7cXNm4MDFYkx4AodSEsJcQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324663397
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:49 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 142 KB
43 KB 1192ms
1143ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1246061670&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=8&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=4291690939&nhd=0&adx=800&ady=4195&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528675&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=368&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c251151f6df0f04292170afa5523a6ee15f38209ad18b920c1ece28581e4dbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1220x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43866
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CP38ncbNm4MDFQQvVQgdtlcNJQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:49 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 1534ms
1484ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=3382497679&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=9&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=387331864&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528675&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=368&dtd=7&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbe3013729bca638627e9135239ffc5fc470a365a744031ca2d3ddf6c8fdb129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 320x50
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13664
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CPij7cXNm4MDFaEGVQgd0KEGqQ
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324260115
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 141 KB
43 KB 2073ms
2024ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=3639063491&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=10&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=2473948382&nhd=0&adx=800&ady=5158&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528675&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=368&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e09c998e379bc6ac5ddad2d706661a56e0b51300324636a5bd092cb3981e46b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1220x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43995
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CLvB1MbNm4MDFUSuewodwa0MGA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 140 KB
42 KB 1827ms
1778ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=1451229007&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=11&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=366815570&nhd=0&adx=800&ady=6121&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528675&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=368&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf0f0a43ed82770f16a1fb17aded6b8bf2370393fad9176e14f4a2e49b2338bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1220x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43029
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: COOVxcbNm4MDFbHXEQgd2rUOTA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 141 KB
42 KB 808ms
759ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_desk_home_hrec_2&adk=2355133382&sz=320x50%7C970x250%7C970x90%7C728x90&output=html&impl=ifr&ifi=12&fluid=height&msz=1220x-1&psz=1220x-1&fws=4&adf=1713749083&nhd=0&adx=800&ady=7084&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528675&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=368&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

010f461391b368b9db73665c02faecb01e104c05ab65e2c36cc01ef856da0429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 1220x250
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43241
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CICh_8XNm4MDFY2wewodkUYMBA
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:49 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
14 KB 385ms
337ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F71161633%2FXGTON_xgcartoon%2Famp_mob_home_hrec_3&adk=1043970851&sz=320x50%7C728x90%7C468x60%7C336x280%7C320x480%7C320x100%7C320x50%7C300x600%7C300x250%7C300x100%7C300x50%7C160x600%7C120x600&output=html&impl=ifr&ifi=13&fluid=height&msz=120x-1&psz=120x-1&fws=4&adf=1198440276&nhd=0&adx=0&ady=0&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&is_amp=3&amp_v=2312012346000&d_imp=1&c=82095008106&ga_cid=amp-l6rm70s8209U5GbTzsbPTg&ga_hid=8106&dt=1702992528675&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=60&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.xgcartoon.com%2F&bdt=368&dtd=8&__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e23fcb09cb87d27821c6b9acc0dcd98ba11d0586c31798356bfd15fdd88e1f57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
x-creativesize: 160x600
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
google-lineitem-id: 208234953
x-qqid: CMmk7cXNm4MDFZVt4AodynoJFg
amp-access-control-allow-source-origin: https://www.xgcartoon.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138224182300
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.xgcartoon.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-CreativeSize,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 19 Dec 2023 13:28:49 GMT

GET
H2 200 container.html
d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 95ms
29ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/ 2 KB
886 B 21ms
20ms Fetch
application/json 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012312012346000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Dec 2023 17:16:01 GMT
age: 591168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "e666ca0e175b1b23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Dec 2024 17:16:01 GMT

GET
H2 200 ga4.json Show response
www.xgcartoon.com/js/ 4 KB
2 KB 228ms
227ms Fetch
application/json 169.150.222.217
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xgcartoon.com/js/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.xgcartoon.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 169.150.222.217 Hong Kong, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-169-150-222-217.datapacket.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2

Request headers

Accept: application/json
Referer: https://www.xgcartoon.com/
AMP-Same-Origin: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:49 GMT
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 10:49:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"11d8-187c255423d"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: max-age=180
accept-ranges: bytes
expires: Tue, 19 Dec 2023 13:31:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 80ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8WE8LSVZQB&ds=AMP&_p=8106&cid=amp-l6rm70s8209U5GbTzsbPTg&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.xgcartoon.com%2F&dr=&dt=%F0%9F%8D%89%E8%A5%BF%E7%93%9C%E5%8D%A1%E9%80%9A&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1702992530&sct=1&seg=1&_et=0&gcs=
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xgcartoon.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xgcartoon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 983F 6 KB
3 KB 29ms
29ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:50 GMT
expires: Wed, 18 Dec 2024 13:28:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 62BA 6 KB
3 KB 30ms
30ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:50 GMT
expires: Wed, 18 Dec 2024 13:28:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 983F 24 KB
7 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 983F 25 KB
10 KB 138ms
90ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 8188157995017847591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 983F 203 KB
65 KB 87ms
37ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 62BA 24 KB
6 KB 71ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 62BA 25 KB
10 KB 147ms
103ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 4475361942733572661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62BA 203 KB
64 KB 120ms
75ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H3 200 container.html Show response
d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A18 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:50 GMT
expires: Wed, 18 Dec 2024 13:28:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 7A18 9 KB
4 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 01:04:19 GMT

GET
H2 200 d500f8b303efba9f5ab695bab8da4c89.js Show response
www.gstatic.com/mysidia/ Frame 7A18 20 KB
8 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 09:02:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7A18 2 KB
975 B 88ms
34ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 11:44:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7A18 2 KB
822 B 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H2 200 92da1c8e4790a69c4d76e84ba2e3001c.js Show response
www.gstatic.com/mysidia/ Frame 7A18 6 KB
2 KB 72ms
25ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 20:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2259
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 20:31:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 7A18 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7A18 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 11:16:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7A18 20 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7A18 202 KB
61 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 14:10:54 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 7A18 37 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:56:43 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 983F 0
438 B 59ms
58ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLavep30qyZTdY6wuM3PSD8UQE4_1ga96QrBgT7USAD5b6ibsuJZDnRAwTgCxL4J5xWp6hbqmOK3Ptx5WvNsFKusUV92TDActwkhbORUI7pGZ8XcV3LxlgnxUveg1aIF1DvqV0y_tpHOZ4ljbk7_2VK9CvQ0MUTUor4EBvnhc-joW9XSw6WhGciwb-Y1uQLfGP9kqKF7DU56fd292T0aVPN2t3VBUM4rJA2A9be4Qd0h1ju_jmQI7nyBO5CQxaxoxHE7fJYz7Xtc_tYetQbkvz_kMJSusHPFh0OgXWik--MwG_RyI86s_MtCfVXYtvP2hGJol5rEFGngdB7Ny5LkwxxRIx4pnu0TJWjVzeTkVhGKajzLE-iWRWywZzqg-8-JsDwY_omKg5pq1x9rQ&sai=AMfl-YQvHRzN3JVWMvWUs-u-VVGhxx0w8rCvqEU40I7ni38Obraj09XLbGTS9W0ayCHGIdT7OOldcaM9VRVKap0&sig=Cg0ArKJSzK3w41FO1ZlaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 62BA 0
293 B 62ms
58ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuF2urnsXaDR8-NklpSFQNYJ4mCX1K6jG-HBpPubYtSGypsE6ruOuUM3HWQz9R6WmQ-gwBRMeLY1ZUt9GFznXE_ePLYBlv4nogESajrwxT6LcnaqeDeC8OptYDCxQucIwDTelRsNa_5Qonk105SEt4mBfdh4w0Wu16KePefGjHlqIRmgpkT18gjZe13-QQOupktm31Lo_6FJMfUTs8RANir6v0sDbQWnghj3kTPG1kQZk9gTvmtDkC3y_s9-tmj6wT6wooudLZ8OBpr43ImLEE6_xkZkkE9yZJHOxMc_kyiZ2fpQFUYOuwWk0IjdpEN9-zIHPZo1_o1mU5TE63Xkashjjan0JH2Td2jUKI7KKqfxiB67GKtE5LF5HBEq6_cYguSwWvdvn5gaNgOMqI&sai=AMfl-YRyzUaqljY8jKyt06nxtfIk-lyH5HsOdaM0_3wevuT1_1aun2RQByTpRcqLa478mvrZM0Wx9vGTIb3s9hA&sig=Cg0ArKJSzPKnldb6f3Y0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H3 200 container.html Show response
d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4CA2 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:50 GMT
expires: Wed, 18 Dec 2024 13:28:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 983F 145 KB
50 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d1059934fa071ca8d63cb01c99ecfe94266ce25f9e4896c91dae81fd10afde5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51248
x-xss-protection: 0
server: cafe
etag: 33724819413699382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 62BA 145 KB
50 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ec3a4c85938a71f6fc02dc2073ab916112d8b5f3e4dee081c43d4ffca2fe35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51251
x-xss-protection: 0
server: cafe
etag: 1055679026189704327
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4CA2 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4CA2 25 KB
10 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 4475361942733572661
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4CA2 203 KB
64 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7A18 28 KB
29 KB 78ms
23ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfL3rq18n9KAN47vssaSeXbg26Mozm1-W6w1Bzr-JaWh1R5xoxY-M_wbNvJg&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 10:43:28 GMT
x-content-type-options: nosniff
age: 96322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28680
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 08:02:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 10:43:28 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7A18 29 KB
29 KB 89ms
22ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQlIb-Tc83fBTFG0sT5wK87x0AMnNRLKY4ysKJr8nHPzttTa2osu4Agk02wRw&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8102bbc40c56e9c1d59491b9b7c02a1547c0f98558c57cc275447173ad2d836a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:02:25 GMT
x-content-type-options: nosniff
age: 451585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29354
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 05:32:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 13 Dec 2024 08:02:25 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 7A18 28 KB
28 KB 73ms
19ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRk097F23g6c9FYbptlhwhRqSxFIMrC-_K_c3f7PIPXtCRxd5_eNIq0rwI36_4&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9166139867849f520e589e2539331b7a59c0e2bd96b52c277d15461643b2ce9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 19:56:55 GMT
x-content-type-options: nosniff
age: 63115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28277
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 04:22:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 19:56:55 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7A18 25 KB
25 KB 101ms
46ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRNQ0-2xuZfNh2P99WmmEKD5vr3HPj7nmwR_MifsG6Cvpd8kvrtoDm6FA1-qWI&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9b1eb15c0ab4bd7c37458f34ecce3d1fafc4c7837bc8d406af18cf1a6ce2f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 21:25:14 GMT
x-content-type-options: nosniff
age: 57816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25620
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 07:16:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 21:25:14 GMT

GET
H3

200

4558490222349370582
tpc.googlesyndication.com/simgad/ Frame 7A18
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODYxNuVDxDGCxjGCzIIQz3-g85c2Yg
https://tpc.googlesyndication.com/simgad/4558490222349370582

16 KB
16 KB

24ms
24ms

Image
image/png

2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4558490222349370582

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b960232209a48625cdde26c939de1bcfcbe82d31a7ee6960addfb3ecb34897f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:50:27 GMT
date: Mon, 18 Dec 2023 15:50:27 GMT
x-content-type-options: nosniff
age: 77903
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16641
x-xss-protection: 0
last-modified: Mon, 09 May 2022 17:37:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Tue, 19 Dec 2023 08:51:39 GMT
x-content-type-options: nosniff
server: cafe
age: 16631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4558490222349370582
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 18 Jan 2024 08:51:39 GMT

GET
DATA 200
OK truncated
/ Frame 7A18 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a14fd36928728c88d7c81e40044847c8be0cde9c08c02f0b1b39c14b60d6ae65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4CA2 0
26 B 62ms
61ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgxlk81whOs0BJb4UmeU0thQgsYAaDUVwxD9ybfb1qFVbM8_ca7zWW7hyokwlcC_Zjs1zmbn-DHNHVxRWZ6q_CjHs-YIyYzTn-oPEOVqmmw9vA_ZcjiuQEihC4P2AqFONLE7noPSqkefyYfzI9eiE83_TkBV2SK50l0JFlUqBEjicQduSOdv86hQ_Q16UWUZOy38C4IEOhUvyEVAMvF6SrreTpMwASVw4TS5ghR8JP4DWxrWic3P9FU4OQt0FDh7thxVGR1Q8IU674ZZv47OI0KbPSz0tMl0CbFJi_PSW10FrEkPOrUeK48bDH7gBgDtDVzyWMmr442LC_PEP--zF5ea2ZzKXvHejhnRpjtMAvNAxRqVXWRR5JJMckAE_YwSM3GWwiNHtT42ujZDY&sai=AMfl-YQ573oVh_CFR1q0YHmNu6A-UYCsJI5Nw7fCuBipZ5mwon0XzpPbhFJ5lqFAmWylta6Z_zBtuO-QTMllf08&sig=Cg0ArKJSzNShMye41SXKEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7A18 20 KB
21 KB 74ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 10:23:28 GMT
x-content-type-options: nosniff
age: 97522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 10:23:28 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 983F 399 KB
135 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

657f06943a34735f0a25f30c9ea05c15e24c0985bbdb771e615182b03e03fa9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137959
x-xss-protection: 0
server: cafe
etag: 4616032106021055364
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 6230 9 KB
4 KB 23ms
21ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Mon, 01 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4CA2 145 KB
50 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a415b8130a9cd81b507e813b53561f24dec0e3669a38e1e4490a81b7027f693d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51247
x-xss-protection: 0
server: cafe
etag: 10048134020500291184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A18 0
20 B 65ms
63ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lcjMKCggCKgZzZXJ2ZXIKDRArIQAAAAAAACRAMAQKDRADIQAAAAAAwGFAMAQKDRAKIQAAAADNzPQ_MAQKDRANIQAAAAAAAAAAMAQKDhAeKggxMjIweDI1MDAECg4QGSoIMTIyMHgyNTAwBAoNEA4hAAAAAAAAAAAwBAoNEAQhAAAAMzPzYUAwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAAAAKkAwBAoNEAUhAAAAZmb2YUAwBAoNEBAhAAAAAAASp0AwBAoNEBEhAAAAAMCr8UAwBAoNEBIhAAAAAAAAFEAwBAoNEBMhAAAAAAAAAEAwBAoNEBchAAAAMzNzZkAwBBIaQ05hYXJzYk5tNE1ERlhrbVZRZ2RocVVLUmciEmdwYS9tYXhpbWFsX3YxX29jaCgM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 62BA 399 KB
135 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cc4300a9fffaf77f0abe572bc905ccd085437d5f6511057f2078caecace10ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137955
x-xss-protection: 0
server: cafe
etag: 16351662608342944986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 96ms
55ms Preflight
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CrYe6kZqBZZaOMvnM1PIPhsuqsATO9IjudL6K-JvwEaOener_QBABINPLzjBglYKAgJgHoAHor-yIA8gBCakCAIgMvXBVsj7gAgCoAwHIA9sEqgSaAk_QqnEd2TCN1pLn3BDOYgM0IlramA2azGrybmYhqFRb1L60Az-yG7cJ0Ux7qioZ__n5QbGEaMzKWZQPyp47CDSs83u_t0BkoelgyG_H5zb9S70e55YktydNd8sip7_3mj8jMnqwRJ7ydsv5fB7USQ9hhA1ChPVNoyAGL6zklyJNHOGianwUZIaN7l-At4bbMgfscm9DNjANZi4WyJGxHt1BNe8kiK91fFHMyzoBGNObNOGASiUrj5tINmVqjRFEg1XhCKuKizIEUBUWQFk2ZreR8IQreZnMjsgjb74gb8nkNXCsTeVzz6Of5T-80KSLEwk7j8EjBOd5QbXMGaeEdYtYjdertZ_2Qa8Fetq3sTR74r9WUfBpy4LLuMAE6Kr09cIE4AQBiAX6qeyRTZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeA0JN3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEIP6BNIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY_IXtxc2bgwOaCR1odHRwczovL3d3dy5uZWJ1bHVzLmJpei9kZS9kZYAKA8gLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLiDRMI6LTtxc2bgwMVeSZVCB2GpQpG2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=cxCNPbIO02s&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_H9i-T9-L_EfVa_e8E6CRZvlVgRoXeRgB&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 13:28:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 7A18
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CrYe6kZqBZZaOMvnM1PIPhsuqsATO9IjudL6K-JvwEaOener_QBABINPLzjBglYKAgJgHoAHor-yIA8gBCakCAIgMvXBVsj7gAgCoAwHIA9sEqgSaAk_QqnEd2TCN1pLn3BDOYgM0Ilra...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213599129034509850243%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%...

0
0

100ms
56ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213599129034509850243%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212298244413749864897%22}&andc=true

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13599129034509850243","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"12298244413749864897"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 13:28:50 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 13:28:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13599129034509850243","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"12298244413749864897"}&andc=true
access-control-allow-origin: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame F516 51 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 08:54:47 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 4CA2 399 KB
135 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

601aaa461c3b2b6a2d547ec3e1aa50b3daeffae324f0212c5c0cfb4bb4adda12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137965
x-xss-protection: 0
server: cafe
etag: 7239314478468436658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:50 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A18 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoLCAEqB2Jhbm5lcjMKCggCKgZzZXJ2ZXIKDRAUIQAAAAAAufhAMAQKDRAVIQAAAAAAAC5AMAQKDRAWIQAAAAAAACBAMAQKDRAYIQAAgGZmLnJAMAQKDRAyIQAAAIDMzPQ_MAQKDRAzIQAAAICZmfk_MAQKDRA0IQAAAICZmfk_MAQKDRA1IQAAAICZmfk_MAQKDRA2IQAAAICZmfk_MAQKDRA3IQAAAICZmfk_MAQKDRA4IQAAAAAAAABAMAQKDRA5IQAAADAzMzZAMAQKDRA6IQAAAAAAgDdAMAQKDRA7IQAAAJmZaWZAMAQKDRA8IQAAAJmZaWZAMAQKDRA9IQAAADMzc2ZAMAQKDRA-IQAAgJmZsXFAMAQKDRA_IQAAgJmZsXFAMAQKDRBAIQAAgJmZYXJAMAQSGkNOYWFyc2JObTRNREZYa21WUWdkaHFVS1JnIhJncGEvbWF4aW1hbF92MV9vY2goDA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 355C 48 KB
17 KB 430ms
430ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530259&bpp=121&bdt=178&idt=324&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809003%2C95320884%2C21065724&oid=2&pvsid=3463301039266083&tmod=1732282852&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.14ei4iedu2jz&fsb=1&dtd=330

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5884294479391638&plah=d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac8272370661a40dc8ae8a029a8375a1c23666109a4b715aa358891ede14493a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17579
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 104ms
56ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 13:28:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C77F 47 KB
17 KB 432ms
432ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046732&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530227&bpp=102&bdt=158&idt=371&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079265%2C31079758%2C95320885&oid=2&pvsid=1124386423904263&tmod=2023263088&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rrpf4hnzlvqe&fsb=1&dtd=380

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b23d7439f60c81cc5409857887f4a7cc80a331aea9994a6378d4f498ceda6ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 17221
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 177E 39 KB
16 KB 461ms
461ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046729&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530338&bpp=152&bdt=82&idt=326&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079266%2C95320885&oid=2&pvsid=3606132586892117&tmod=1523838000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6kxmn0evvl1u&fsb=1&dtd=332

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64a281ee45c0817256e309187dff138182cf054a8f78696be585c0496491354f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame C26B 2 KB
3 KB 100ms
46ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j7kb27bwrpehq9wy9kghecgpe3hk7fhj1bmthrmwxw5ncs6anpvyh2sqrar2yan2ge6weghj5spcsz1jqv5gz0ecbkmcbd01xfn9xm2ygkaevwv1yxzcg7mhrt8pw3kpwrxvz26fz3hkz5jy4fktr4zva07m2nn7afjdvvnra0sc6bk10gv060qp8njhg1vnd85vsdaje0nbxmq6sc5kmdr5p2dry23prtm30qcesababxpm9hdpjjhwkdwsqezd0cdf8s79xrk58n2jrd2wrxh5yvvteaxzw3wmsdh722x2p7shrerdtdtmaqb4j62yh3kg5qk6cefp2ee6nagnx563v1kf2n8qm9vcpdh1mxp5312bbzapyaehwzq14ney8ccxbv5mmg449sfafwew5rnrg3b20n8wekyv44mvrchs9dn6940x3jq2hr2k3qx7dm89an59m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530259&bpp=121&bdt=178&idt=324&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809003%2C95320884%2C21065724&oid=2&pvsid=3463301039266083&tmod=1732282852&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.14ei4iedu2jz&fsb=1&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be1cd6cb66959a3d68138dd4bdbd4204a1727baaac5f234ff53d1c01a8fc133c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837ffdb769551cbf-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B4AB 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 11:16:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1D73 1 KB
643 B 23ms
22ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Tue, 19 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B4AB 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B4AB 0
0 77ms
29ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5l25e4YvJsrXgx-Tr3CocxZGAYfeskpk7ML7yb6P0P4tfQsaWBZMfAL3ZfjP5HjGFK6AsernbLIvExQE65FjMcbwNRw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530259&bpp=121&bdt=178&idt=324&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809003%2C95320884%2C21065724&oid=2&pvsid=3463301039266083&tmod=1732282852&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.14ei4iedu2jz&fsb=1&dtd=330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4AB 203 KB
64 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame EEF9 2 KB
1 KB 87ms
52ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1ja6arpmrxcg6trd213q0javdegknbgezvfkbrg838j7wm31hxgb4xxn5mycvdbt17xedvyp8w179kfgkehg8vjyf8wghmvznfqsv7xrc8xhtpbj1pcdc6fm7206twcmmd5byrvz22w9646jfe3enf8ew5nxtgzyjezwwn6sgwvesnca6mh8sxx050xg9h2c56nncjp87kk50egfeh3dc969vg7gmmwvxw6brg91w23hcg2hnwn4002ryrxfrferq4erb2tsr7pp1d5n0z3eb84hdwcdyexqqqzsb91405ervz54xmhgfh353vcw0hhebsmaxrrdnrf8vv8cyqk6pegqbmy154qktsvx6ka0m83heetpmqmtxkmp83r5q3xzkm1qdckav32rxt215488kg72kdycsgc8x20srghf0z7br4fdvsqs1d1etnz633s26tt1kgez&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046732&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530227&bpp=102&bdt=158&idt=371&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079265%2C31079758%2C95320885&oid=2&pvsid=1124386423904263&tmod=2023263088&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rrpf4hnzlvqe&fsb=1&dtd=380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60fdc02fa9ab4b53af7333760bb384dbc620ead72c41c04aacb9cae6e1485a0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837ffdb769591cbf-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4976 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 11:16:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2765 1 KB
643 B 23ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Tue, 19 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 4976 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4976 0
0 60ms
31ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqFYoceT8_S5OD-yzh6EhNmZstViOuhswYm39jArJKOazIMK3XgYpSI_q0Z3tlVeLL_85jR7w-YSId8bPNseTQt5aUJA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046732&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530227&bpp=102&bdt=158&idt=371&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079265%2C31079758%2C95320885&oid=2&pvsid=1124386423904263&tmod=2023263088&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rrpf4hnzlvqe&fsb=1&dtd=380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4976 203 KB
64 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D73
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEMYD_sVl-Lh5eMTf1229II&google_cver=1&google_push=AXcoOmSfwRyXdVkB4wM4783wSx1e19MDtEgNChFdsssz8uqRx9YhKUfV68YcR5q3_JqexRtq2VzTECOWzajm1GoBJPVJiEB...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSfwRyXdVkB4wM4783wSx1e19MDtEgNChFdsssz8uqRx9YhKUfV68YcR5q3_JqexRtq2VzTECOWzajm1GoBJPVJiEBa4f6xD4K6slSp-ir7e6F1h0l-Ps8ps-zGy0AvR...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSfwRyXdVkB4wM4783wSx1e19MDtEgNChFdsssz8uqRx9YhKUfV68YcR5q3_JqexRtq2VzTECOWzajm1GoBJPVJiEBa4f6xD4K6slSp-ir7e6F1h0l-Ps8ps-zGy0AvR_OaSV2Dr7Eh93Vpw44_druL&google_hm=eS1heHZJN0pGRTJwRVlFVjE5Ti5Xd0RrQlVFSTMuOEJTZH5B

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Dec 2023 13:28:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSfwRyXdVkB4wM4783wSx1e19MDtEgNChFdsssz8uqRx9YhKUfV68YcR5q3_JqexRtq2VzTECOWzajm1GoBJPVJiEBa4f6xD4K6slSp-ir7e6F1h0l-Ps8ps-zGy0AvR_OaSV2Dr7Eh93Vpw44_druL&google_hm=eS1heHZJN0pGRTJwRVlFVjE5Ti5Xd0RrQlVFSTMuOEJTZH5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1D73 43 B
236 B 88ms
31ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMHvu2jOuJ8M-5_SeKs-etg&google_cver=1&google_push=AXcoOmRl254hcghxAj-hu69B9pg142YZWA3d9dacWGBfuIRxxPrfa3oQUqhiqSCs3xXfVWZO6FqFZzAfLdnl3iEQlPpN2Ll8H2DBeCi05zjN7L86ks2Y5u_qkrZ2KRnHFIXkCwFUeH4eHsNGvVMsVFXu612L
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530259&bpp=121&bdt=178&idt=324&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809003%2C95320884%2C21065724&oid=2&pvsid=3463301039266083&tmod=1732282852&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.14ei4iedu2jz&fsb=1&dtd=330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1D73
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOTeRNzg8Q8Zr_k7lh40_Bw&google_cver=1&google_push=AXcoOmTcjqTjMMOUmzThRU633t9SEfVZU2qRP3yBfmbcNGCqhBpKiHkM3RW_e11t7mA9IPdxmLg...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFDRFM2VkwtMjQtNDY5RA==&google_push=AXcoOmTcjqTjMMOUmzThRU633t9SEfVZU2qRP3yBfmbcNGCqhBpKiHkM3RW_e11t7mA9IPdxmLgMfiLQ26_MhaXItMUDIHVJnwNvR...

170 B
329 B

32ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFDRFM2VkwtMjQtNDY5RA==&google_push=AXcoOmTcjqTjMMOUmzThRU633t9SEfVZU2qRP3yBfmbcNGCqhBpKiHkM3RW_e11t7mA9IPdxmLgMfiLQ26_MhaXItMUDIHVJnwNvRUlqUqqXnogMV3H5ExoBbFugE5e11Ku_Igd70mg-iT819MN6DOcOkpyL

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFDRFM2VkwtMjQtNDY5RA==&google_push=AXcoOmTcjqTjMMOUmzThRU633t9SEfVZU2qRP3yBfmbcNGCqhBpKiHkM3RW_e11t7mA9IPdxmLgMfiLQ26_MhaXItMUDIHVJnwNvRUlqUqqXnogMV3H5ExoBbFugE5e11Ku_Igd70mg-iT819MN6DOcOkpyL
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D73
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmS195ycOijsGKr351Xpn-o9tUOHtEfQ5...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmS195ycOijsGKr351Xpn-o9tUOHtEfQ5J2XpkT3DmJksOQWDE5z7I177IuPvB8WuMfwPtiIE3xqtoGRn3IuFvbWaefqhlrMByakYWHM4GVD1ZGGLXGOa7jHk2NgZHDwLJDwirps5UU3In9C2MJ0Amp2

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMwUu7xWqTRpjSWSTTUq7JlZKO8pxGPt%2FPGnBNgyDgJ0aHXl69uueGSgm2esoEmWNH8IZ%2BAeAHoup0E9SL08s%2FPO%2FmmWMYFYPc4J%2BowVuUCqoEGy4iDjGuOxOsKga%2B5lAgokelbd6LshsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmS195ycOijsGKr351Xpn-o9tUOHtEfQ5J2XpkT3DmJksOQWDE5z7I177IuPvB8WuMfwPtiIE3xqtoGRn3IuFvbWaefqhlrMByakYWHM4GVD1ZGGLXGOa7jHk2NgZHDwLJDwirps5UU3In9C2MJ0Amp2
cache-control: no-cache
cf-ray: 837ffdb80c2558de-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 1D73 0
238 B 98ms
33ms Image
text/plain 2600:9000:211e:3600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENmbi8bdaq5RyqDgQdzYPk0&google_cver=1&google_push=AXcoOmSYAoOdtYrZYcuJSAenniQmstAzE4jogQ_7CBngWhFYrlHu2D8GWZu5jDrGkwZM-yKxAVfQ5e_bj1qbVtm-nsae5fpAm4qxsC6yHxevoNnqQMsGRUnkvqF-e9JWm52aUP-LvEhnCc3T76mEZS51yssD
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530259&bpp=121&bdt=178&idt=324&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809003%2C95320884%2C21065724&oid=2&pvsid=3463301039266083&tmod=1732282852&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.14ei4iedu2jz&fsb=1&dtd=330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cache-control: no-cache, must-revalidate
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 4LBPaHlU4YIqoXZHU1cYpq1Sfcec8LFhNPEzWVgjdMZU3QbOKSp8ew==
x-cache: Miss from cloudfront

GET
H2

200

/
onetag-sys.com/match/ Frame 1D73
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBxXBYK244M0kjeHJL5CMF4&google_cver=1&google_push=AXcoOmQMMTqJnjG6Do8fy-crQF9_5aSEuOf297PZ-9h9fEmt7ihkt_4iqsxtmiJDMpJv8WcIr2QjnjjfGM0...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQMMTqJnjG6Do8fy-crQF9_5aSEuOf297PZ-9h9fEmt7ihkt_4iqsxtmiJDMpJv8WcIr2QjnjjfGM0ATvRd9tK20ktXJupNKD8U8IF5xRGdPenhoMOi...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

25ms
20ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D73
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8c00e809-1747-432b-a00d-0f655c169d8c&google_cver=1&google_gid=CAESEMT1coLx2LI5vch2TrA4jPA&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8c00e809-1747-432b-a00d-0f655c169d8c&google_cver=1&google_gid=CAESEMT1coLx2LI5vch2TrA4jPA&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQVzdbgCELTaNjK-JuCl6yItFgpcfAoMf4y0SWPoRwGfXJZe5PHYLXSC2TUIADochYTBEElPhfHr_7qfEecmfnB8cOIk3vj7pusf7NXRq3Ence0UyBlg742a8buAmtzDM0MtADmYYyUu9rHz7uN3j2rrQ&gdpr=${GDPR}

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8c00e809-1747-432b-a00d-0f655c169d8c&google_cver=1&google_gid=CAESEMT1coLx2LI5vch2TrA4jPA&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQVzdbgCELTaNjK-JuCl6yItFgpcfAoMf4y0SWPoRwGfXJZe5PHYLXSC2TUIADochYTBEElPhfHr_7qfEecmfnB8cOIk3vj7pusf7NXRq3Ence0UyBlg742a8buAmtzDM0MtADmYYyUu9rHz7uN3j2rrQ&gdpr=${GDPR}
date: Tue, 19 Dec 2023 13:28:51 GMT
server: _
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1D73 0
130 B 86ms
30ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIfdlX7aS4kIHrVZ_QAf2hrdqXT9bwZsl1YFdMREyiSLKp_10ADwsBoLU_p3UBRDLPOxeYFv0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2765 35 B
463 B 75ms
23ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIHXBRHTAGzz_V6Kej7MfN8&google_cver=1&google_push=AXcoOmQh3fIW_L3dumNXqgi1M8ElZI6smkYBoj-e1pQ70TacUQQ9xDm5exim5G29ElF4_CQz3xIzvsgrGvmv9iRnj_Fs0nLMQg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2765 0
104 B 267ms
119ms Image
text/plain 2a02:fa8:8806:21::1720
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECOb5_W1ODdp689XXtTmUME&google_cver=1&google_push=AXcoOmQmx1z_DjuLkIYlMtRFIswFjLe5EJnNbcwsI3GdCZte1Lg7Yn3BorJq7Z4sJHl1MRI0HtIxuXe65eWZj3LxG2i4LfB84A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046732&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530227&bpp=102&bdt=158&idt=371&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079265%2C31079758%2C95320885&oid=2&pvsid=1124386423904263&tmod=2023263088&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rrpf4hnzlvqe&fsb=1&dtd=380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2765 70 B
149 B 140ms
46ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDQZohqX96vaqJOekfT3LKI&google_cver=1&google_push=AXcoOmRDMK2aciWEGuucsFNowV-qfZT85FYwYbLLqqsJGVy7qcGAb5XUi4MMYj4A0So6lwsr9-YBqkBiScl1y6kQoBhYdYVrFwU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046732&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530227&bpp=102&bdt=158&idt=371&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079265%2C31079758%2C95320885&oid=2&pvsid=1124386423904263&tmod=2023263088&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rrpf4hnzlvqe&fsb=1&dtd=380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 dds
rtb.openx.net/sync/ Frame 2765 43 B
94 B 70ms
32ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMHvu2jOuJ8M-5_SeKs-etg&google_cver=1&google_push=AXcoOmTRPWy1cY8A1TX_s31Xu892bPlGFmO99cy3sS2435rhlpITxmJxfton5yf2tuAkTIMGRq5XoeGj5HuU0S3PJTbGigCkBeA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046732&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530227&bpp=102&bdt=158&idt=371&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079265%2C31079758%2C95320885&oid=2&pvsid=1124386423904263&tmod=2023263088&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rrpf4hnzlvqe&fsb=1&dtd=380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2765
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGpQ1oINF75SjAxFKtcIivQ&google_cver=1&google_push=AXcoOmT6gIZ6HnKMC5aFd-rkjFjlsQ9vmp-5-PkM5VfCFiyQiUNZ1yo6dKCzaegvRTkhalDZu4coXInuGzxX2a84p...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGpQ1oINF75SjAxFKtcIivQ&google_cver=1&google_push=AXcoOmT6gIZ6HnKMC5aFd-rkjFjlsQ9vmp-5-PkM5VfCFiyQiUNZ1yo6dKCzaegvRTkhalDZu4coXInuGzxX2a84p...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT6gIZ6HnKMC5aFd-rkjFjlsQ9vmp-5-PkM5VfCFiyQiUNZ1yo6dKCzaegvRTkhalDZu4coXInuGzxX2a84pg6e7fbytmE&google_hm=H2OopGZHFL2Y1Z6PRDCVZbru

170 B
188 B

41ms
41ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT6gIZ6HnKMC5aFd-rkjFjlsQ9vmp-5-PkM5VfCFiyQiUNZ1yo6dKCzaegvRTkhalDZu4coXInuGzxX2a84pg6e7fbytmE&google_hm=H2OopGZHFL2Y1Z6PRDCVZbru

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 19 Dec 2023 13:28:51 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT6gIZ6HnKMC5aFd-rkjFjlsQ9vmp-5-PkM5VfCFiyQiUNZ1yo6dKCzaegvRTkhalDZu4coXInuGzxX2a84pg6e7fbytmE&google_hm=H2OopGZHFL2Y1Z6PRDCVZbru
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2765
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTrVBHs4Ae9VEdK-evf-DOtfIIw2KlaLNOJhrLLjuBQJwh0x9DnJAu4bCPdgkkSPMGU2CBiBEvA9XPA4N72KUsHqymPvh8&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-55c12365-48ab-4514-8b37-6dbc05cf5842-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTrVBHs4Ae9VEdK-evf-...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTrVBHs4Ae9VEdK-evf-DOtfIIw2KlaLNOJhrLLjuBQJwh0x9DnJAu4bCPdgkkSPMGU2CBiBEvA9XPA4N72KUsHqymPvh8&google_hm=A1XBI2VIq0UUizdtvAXPWEI

170 B
188 B

47ms
41ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTrVBHs4Ae9VEdK-evf-DOtfIIw2KlaLNOJhrLLjuBQJwh0x9DnJAu4bCPdgkkSPMGU2CBiBEvA9XPA4N72KUsHqymPvh8&google_hm=A1XBI2VIq0UUizdtvAXPWEI

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTrVBHs4Ae9VEdK-evf-DOtfIIw2KlaLNOJhrLLjuBQJwh0x9DnJAu4bCPdgkkSPMGU2CBiBEvA9XPA4N72KUsHqymPvh8&google_hm=A1XBI2VIq0UUizdtvAXPWEI
date: Tue, 19 Dec 2023 13:28:51 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX55c1236548ab45148b376dbc05cf5842003
content-type: text/html

GET
H2

200

report
sync.teads.tv/um/ Frame 2765
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEArmzmPVO-pg...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQ9fH6fPNhzCY25im-g5Zm4DnWtMCqoKReJpUOfqGqflAJSzIq3Rx_TPzILP36Qm6C8NmouqUCXI1Nbo_uw5R34FWasi4YQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

122ms
122ms

Image
image/gif

2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 19 Dec 2023 13:28:51 GMT
pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2765 0
49 B 70ms
33ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KH0oQh6NSxSpD53n9MLikz4_Gmpdoj26GO3HjlLqKjVElAWB7Peul9_usK3cNHneoPeagljg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 container.html Show response
d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DF1 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:50 GMT
expires: Wed, 18 Dec 2024 13:28:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B4AB 0
19 B 64ms
64ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbjfXkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzQFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZ3Ajew9rP2gas8gzTIcvueOk14EKFUivSw7KBxCFpfp3OsZ8XlTygAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=DovMBpq74_c&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_hiHG-W1j8-pc7MfoE7R1T8qnEQFu_uWEiwtWX_62rzxETpsuGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530259&bpp=121&bdt=178&idt=324&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809003%2C95320884%2C21065724&oid=2&pvsid=3463301039266083&tmod=1732282852&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.14ei4iedu2jz&fsb=1&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 13:28:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B4AB 0
39 B 94ms
32ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kbp7e7hsrmpy3w60d6jfy6erkt4p7fd4qfaesxeeew8sxa9a37ymgt38w6090m28a325gp50tcp9zhxs5baw6mk1pc8ctxj96a6k4q5n937z44f2vpkms8ccvm24a2mv4hbsgek2nsfn4h759dw2sjbn4c4w6se3nsfhdaveyc803az83wwxv0jb79qhag0795be5jb889s1725yj07shged4h7t6m9mxcqvacsa41y3c0bf84g19v0vjj7dyj2be28gswkjt7c88xye37k7kqrt9amz2kx3v2gt178ygq4wxknvzv5366j7ffhc0yyj2pdbkw8y6mdk01qr25gey7qqyf11bxf7s78h23ac9g0nevpr9djz91p9593agrw8remc7h0epfpgj8&b=ZYGakgAKgTYEf7Y0AAHW5e0pIk7vgvqAPcn6KQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=600&slotname=3654094576&adk=2450581954&adf=3173046731&pi=t.ma~as.3654094576&w=160&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530259&bpp=121&bdt=178&idt=324&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31079438%2C44809003%2C95320884%2C21065724&oid=2&pvsid=3463301039266083&tmod=1732282852&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.14ei4iedu2jz&fsb=1&dtd=330
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 13:28:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 177E 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046729&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530338&bpp=152&bdt=82&idt=326&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079266%2C95320885&oid=2&pvsid=3606132586892117&tmod=1523838000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6kxmn0evvl1u&fsb=1&dtd=332

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 11:16:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 177E 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 177E 0
0 30ms
28ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoQfrIgQfX7vE2rLRpwQm_I9eLH7Fa-GhfcOYUPYyxcjUyQpIgE-TnMKoYP7ovnGX40z_FbQLIbiPJN930h8_SLXl7uw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046729&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530338&bpp=152&bdt=82&idt=326&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079266%2C95320885&oid=2&pvsid=3606132586892117&tmod=1523838000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6kxmn0evvl1u&fsb=1&dtd=332
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 177E 203 KB
64 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C26B 115 KB
14 KB 33ms
32ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j7kb27bwrpehq9wy9kghecgpe3hk7fhj1bmthrmwxw5ncs6anpvyh2sqrar2yan2ge6weghj5spcsz1jqv5gz0ecbkmcbd01xfn9xm2ygkaevwv1yxzcg7mhrt8pw3kpwrxvz26fz3hkz5jy4fktr4zva07m2nn7afjdvvnra0sc6bk10gv060qp8njhg1vnd85vsdaje0nbxmq6sc5kmdr5p2dry23prtm30qcesababxpm9hdpjjhwkdwsqezd0cdf8s79xrk58n2jrd2wrxh5yvvteaxzw3wmsdh722x2p7shrerdtdtmaqb4j62yh3kg5qk6cefp2ee6nagnx563v1kf2n8qm9vcpdh1mxp5312bbzapyaehwzq14ney8ccxbv5mmg449sfafwew5rnrg3b20n8wekyv44mvrchs9dn6940x3jq2hr2k3qx7dm89an59m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j7kb27bwrpehq9wy9kghecgpe3hk7fhj1bmthrmwxw5ncs6anpvyh2sqrar2yan2ge6weghj5spcsz1jqv5gz0ecbkmcbd01xfn9xm2ygkaevwv1yxzcg7mhrt8pw3kpwrxvz26fz3hkz5jy4fktr4zva07m2nn7afjdvvnra0sc6bk10gv060qp8njhg1vnd85vsdaje0nbxmq6sc5kmdr5p2dry23prtm30qcesababxpm9hdpjjhwkdwsqezd0cdf8s79xrk58n2jrd2wrxh5yvvteaxzw3wmsdh722x2p7shrerdtdtmaqb4j62yh3kg5qk6cefp2ee6nagnx563v1kf2n8qm9vcpdh1mxp5312bbzapyaehwzq14ney8ccxbv5mmg449sfafwew5rnrg3b20n8wekyv44mvrchs9dn6940x3jq2hr2k3qx7dm89an59m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 558256
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwdxtvMeOdkZS6Bgcfk97K8pLZ1mD1HpcSwyOHAIj1%2FOGJi3cXO%2FTciwAKyc8pEoeLA%2BPqP%2F5gJhJcDlU8gpPWmckWu1%2BTGimnffNrtzXqAC3bYZ%2FU2IWHpi9tGFCo29edAJXbEjJ0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837ffdb7e9e21cbf-FRA
expires: Wed, 20 Dec 2023 13:28:51 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame C26B 24 KB
10 KB 34ms
33ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j7kb27bwrpehq9wy9kghecgpe3hk7fhj1bmthrmwxw5ncs6anpvyh2sqrar2yan2ge6weghj5spcsz1jqv5gz0ecbkmcbd01xfn9xm2ygkaevwv1yxzcg7mhrt8pw3kpwrxvz26fz3hkz5jy4fktr4zva07m2nn7afjdvvnra0sc6bk10gv060qp8njhg1vnd85vsdaje0nbxmq6sc5kmdr5p2dry23prtm30qcesababxpm9hdpjjhwkdwsqezd0cdf8s79xrk58n2jrd2wrxh5yvvteaxzw3wmsdh722x2p7shrerdtdtmaqb4j62yh3kg5qk6cefp2ee6nagnx563v1kf2n8qm9vcpdh1mxp5312bbzapyaehwzq14ney8ccxbv5mmg449sfafwew5rnrg3b20n8wekyv44mvrchs9dn6940x3jq2hr2k3qx7dm89an59m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 533642
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oo9bogDb6LPZ8kD%2BXXgflltQwg83JOWszsOZmgT4cblAs0EycT4c5qUfVzh66U7OxP%2FFeOfMyPXiljjwIzKEAoiZX6%2F4hVTbhlcHB%2BzWEs6uWgzm%2FhhUv3y%2F%2Bdjn1rOOfeAfr3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 837ffdb7e9e51cbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:14:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4976 0
19 B 65ms
65ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRJakkpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTQAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsElbTgOgySyIYDdnRCC527vl5nz2iNOzbD4yXJl9Vs9RpNS6CstOABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=uZ3TVERHXgI&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_icVLdp0n28HLKXxRM8nqlm5EZn-C1i2eZ5U-YImOfYJKOODSGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046732&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530227&bpp=102&bdt=158&idt=371&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079265%2C31079758%2C95320885&oid=2&pvsid=1124386423904263&tmod=2023263088&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rrpf4hnzlvqe&fsb=1&dtd=380
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 13:28:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 4976 0
103 B 71ms
31ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gd7nt466p7gwj28qg6d8vxr5wba5v4pgf9e1y3a34av128w0jzj2gncp22adnadqkv9b17bye0hc5kkegj360s495n2th76k05h1n2fa9mbzyzxtmvr0bjdpc753zgxq2nc56n64evxqsy9nd0dp55gq6y9ztavzg7ns9kw0k4b2j3943jqa6k7asx5vv1dc91m98h8by04j92xsssp7x64jcccpx6zezwmskxt77a3e2c6pqbkd4enbqz93c562y58bgwxk249x11fvgagr4x59mvtj01a165mdzrhfma3z3rz51c7d89y08dkg8rh2f814x6w0q3nxge5gdcb6bv5p271ha1trkkvw36py393z01ftqpxxs7e15h7avfbm7m9wn7q8spr2t0&b=ZYGakgAKynsKp4FXAApV0kWeFQWwCk8dWZiM-w&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=250&slotname=3654094576&adk=3159652572&adf=3173046732&pi=t.ma~as.3654094576&w=300&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530227&bpp=102&bdt=158&idt=371&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079265%2C31079758%2C95320885&oid=2&pvsid=1124386423904263&tmod=2023263088&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.rrpf4hnzlvqe&fsb=1&dtd=380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 13:28:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame EEF9 115 KB
13 KB 33ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ja6arpmrxcg6trd213q0javdegknbgezvfkbrg838j7wm31hxgb4xxn5mycvdbt17xedvyp8w179kfgkehg8vjyf8wghmvznfqsv7xrc8xhtpbj1pcdc6fm7206twcmmd5byrvz22w9646jfe3enf8ew5nxtgzyjezwwn6sgwvesnca6mh8sxx050xg9h2c56nncjp87kk50egfeh3dc969vg7gmmwvxw6brg91w23hcg2hnwn4002ryrxfrferq4erb2tsr7pp1d5n0z3eb84hdwcdyexqqqzsb91405ervz54xmhgfh353vcw0hhebsmaxrrdnrf8vv8cyqk6pegqbmy154qktsvx6ka0m83heetpmqmtxkmp83r5q3xzkm1qdckav32rxt215488kg72kdycsgc8x20srghf0z7br4fdvsqs1d1etnz633s26tt1kgez&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ja6arpmrxcg6trd213q0javdegknbgezvfkbrg838j7wm31hxgb4xxn5mycvdbt17xedvyp8w179kfgkehg8vjyf8wghmvznfqsv7xrc8xhtpbj1pcdc6fm7206twcmmd5byrvz22w9646jfe3enf8ew5nxtgzyjezwwn6sgwvesnca6mh8sxx050xg9h2c56nncjp87kk50egfeh3dc969vg7gmmwvxw6brg91w23hcg2hnwn4002ryrxfrferq4erb2tsr7pp1d5n0z3eb84hdwcdyexqqqzsb91405ervz54xmhgfh353vcw0hhebsmaxrrdnrf8vv8cyqk6pegqbmy154qktsvx6ka0m83heetpmqmtxkmp83r5q3xzkm1qdckav32rxt215488kg72kdycsgc8x20srghf0z7br4fdvsqs1d1etnz633s26tt1kgez&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 558256
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmRX5f8aIBLSUe%2F74cQx1LELQuIuzBP0ZD%2BcEbS4QiCH9WKyFqRxV%2B1bsXt6WuSjkclxLOIqC6TrECWtzIYP1%2FaKNL7m5%2FYn826Vq6mzBxFMwaELfNO82gdAQxM%2FE4R4IvAZvbADVSk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837ffdb809fc1cbf-FRA
expires: Wed, 20 Dec 2023 13:28:51 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame EEF9 24 KB
9 KB 32ms
32ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ja6arpmrxcg6trd213q0javdegknbgezvfkbrg838j7wm31hxgb4xxn5mycvdbt17xedvyp8w179kfgkehg8vjyf8wghmvznfqsv7xrc8xhtpbj1pcdc6fm7206twcmmd5byrvz22w9646jfe3enf8ew5nxtgzyjezwwn6sgwvesnca6mh8sxx050xg9h2c56nncjp87kk50egfeh3dc969vg7gmmwvxw6brg91w23hcg2hnwn4002ryrxfrferq4erb2tsr7pp1d5n0z3eb84hdwcdyexqqqzsb91405ervz54xmhgfh353vcw0hhebsmaxrrdnrf8vv8cyqk6pegqbmy154qktsvx6ka0m83heetpmqmtxkmp83r5q3xzkm1qdckav32rxt215488kg72kdycsgc8x20srghf0z7br4fdvsqs1d1etnz633s26tt1kgez&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 533642
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLiiz202SXHgfgYpFAc3eZSkMlMPv5t1kCYezAPVd5ibbfMk6huhpVzmY0ecjYmf1qZkaXa8KpcHT6mjBYSLIA5%2BpbeLChDvFjCm8Cy%2FCD5oZxQypv9DZO0nXU5VAxOXpAn4qjU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 837ffdb809fd1cbf-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:14:49 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 58BC 2 KB
3 KB 50ms
50ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1htfyzsyd3ydj99zygtzv5mww3tjk1f85tqhpqyd9qzw2kgn4nye2tst1dmd1mtdxmgenb7js9hw5bmtgrppb47g9q9r747wtvy6jzcnj5exer3391sy3e2pk1kq099b1vp7gx7nk7mk2vnb5qg56nsj3dtg4qva9r49fhq5xznh5r43hprvp1z7gyphen3a078yvaanq0kab1hjxb97gvw452kz4x4a56rvvemw4th6d53ky0dkr49g7ggfxqdy273xnsjhgxb1t431pvj44wy9tcvmmt29p5dbjv7g4wa0vzwwfdxra8gpsmvvday4azkq5bdkfnmjkry8acrekbwakpt1zpbmd4k3c21mq5jkkn5xmy91gq78mtnpvjxt28tb0gv2bz38deqkkqx74071ba7bf4y89eszj4ewpcmktzwkzj9p0g27qzy5vnb0j4p9gajn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f76bba7ff73fea1eeb20feb2309d526f21735db6048f54be6c503266ae9e7ef

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837ffdb81850bbd3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 68C5 1 KB
643 B 25ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Tue, 19 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1DF1 2 KB
662 B 33ms
30ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 13:11:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1DF1 2 KB
822 B 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 1DF1 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1DF1 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 11:16:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1DF1 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DF1 203 KB
64 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 1DF1 37 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:56:43 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1DF1 28 KB
28 KB 28ms
21ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfL3rq18n9KAN47vssaSeXbg26Mozm1-W6w1Bzr-JaWh1R5xoxY-M_wbNvJg&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 10:43:28 GMT
x-content-type-options: nosniff
age: 96323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28680
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 08:02:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 10:43:28 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1DF1 29 KB
29 KB 27ms
21ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQlIb-Tc83fBTFG0sT5wK87x0AMnNRLKY4ysKJr8nHPzttTa2osu4Agk02wRw&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8102bbc40c56e9c1d59491b9b7c02a1547c0f98558c57cc275447173ad2d836a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:02:25 GMT
x-content-type-options: nosniff
age: 451586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29354
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 05:32:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 13 Dec 2024 08:02:25 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 1DF1 28 KB
28 KB 25ms
19ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRk097F23g6c9FYbptlhwhRqSxFIMrC-_K_c3f7PIPXtCRxd5_eNIq0rwI36_4&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9166139867849f520e589e2539331b7a59c0e2bd96b52c277d15461643b2ce9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 19:56:55 GMT
x-content-type-options: nosniff
age: 63116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28277
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 04:22:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 19:56:55 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 1DF1 25 KB
25 KB 34ms
29ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRNQ0-2xuZfNh2P99WmmEKD5vr3HPj7nmwR_MifsG6Cvpd8kvrtoDm6FA1-qWI&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9b1eb15c0ab4bd7c37458f34ecce3d1fafc4c7837bc8d406af18cf1a6ce2f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 21:25:14 GMT
x-content-type-options: nosniff
age: 57817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25620
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 07:16:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 21:25:14 GMT

GET
H3

200

4558490222349370582
tpc.googlesyndication.com/simgad/ Frame 1DF1
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODYxNuVDxDGCxjGCzIIQz3-g85c2Yg
https://tpc.googlesyndication.com/simgad/4558490222349370582

16 KB
16 KB

24ms
22ms

Image
image/png

2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4558490222349370582

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b960232209a48625cdde26c939de1bcfcbe82d31a7ee6960addfb3ecb34897f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:50:27 GMT
date: Mon, 18 Dec 2023 15:50:27 GMT
x-content-type-options: nosniff
age: 77904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16641
x-xss-protection: 0
last-modified: Mon, 09 May 2022 17:37:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Tue, 19 Dec 2023 08:51:39 GMT
x-content-type-options: nosniff
server: cafe
age: 16632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4558490222349370582
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 18 Jan 2024 08:51:39 GMT

GET
H3 200 container.html Show response
d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C8D 6 KB
3 KB 24ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:50 GMT
expires: Wed, 18 Dec 2024 13:28:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 177E 0
19 B 69ms
66ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmoCAkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzAFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAZeJ0onLiEoeLhGC1BB0gsIAIJCz7GPK-ELRFaZ5kY50d0HtZVYOABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=psCfajYlbuc&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_u6KTnbERmfNqRt012xlZHOtISlV0mbJt6rgEznb75ftu9mvCGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046729&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530338&bpp=152&bdt=82&idt=326&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079266%2C95320885&oid=2&pvsid=3606132586892117&tmod=1523838000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6kxmn0evvl1u&fsb=1&dtd=332
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 13:28:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 177E 0
39 B 35ms
32ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k867sbzhqzbf6nmm7bv71tdnpkta3m2cvtkfft9810kq6wsdsv28c067k8gzc4qkaad11sekas8ywjs9eb3baz7hck22kprwv3x89j27vr6k6mg2af05xrxwphp5xps3e5jnszm2sh1yft8s8pqf8dgrvkg1mbvvqhcyz563cfm13yrpcekktsbxdadqhf3rsaxh06ym9gmzpg12chftt7avbz48m76497dvw5bmpvfb9kk59k8qt27emh45wnxqyhjdkfeav94e48y37h11emg820bkhfqm73jtq7d5m8k8fnwhwvh5wzpdevghvzt1cvc08j1ybahtqdkjjyn307k3vv39wjpkn598kavc5qefzy3kwn89cpm3jqpz8zesn1z54j2cd3heq8&b=ZYGakgALubkEf6KAAAxrF5H2YV2p_vM2E7bXmA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046729&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530338&bpp=152&bdt=82&idt=326&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079266%2C95320885&oid=2&pvsid=3606132586892117&tmod=1523838000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6kxmn0evvl1u&fsb=1&dtd=332
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 13:28:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 58BC 115 KB
14 KB 36ms
36ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1htfyzsyd3ydj99zygtzv5mww3tjk1f85tqhpqyd9qzw2kgn4nye2tst1dmd1mtdxmgenb7js9hw5bmtgrppb47g9q9r747wtvy6jzcnj5exer3391sy3e2pk1kq099b1vp7gx7nk7mk2vnb5qg56nsj3dtg4qva9r49fhq5xznh5r43hprvp1z7gyphen3a078yvaanq0kab1hjxb97gvw452kz4x4a56rvvemw4th6d53ky0dkr49g7ggfxqdy273xnsjhgxb1t431pvj44wy9tcvmmt29p5dbjv7g4wa0vzwwfdxra8gpsmvvday4azkq5bdkfnmjkry8acrekbwakpt1zpbmd4k3c21mq5jkkn5xmy91gq78mtnpvjxt28tb0gv2bz38deqkkqx74071ba7bf4y89eszj4ewpcmktzwkzj9p0g27qzy5vnb0j4p9gajn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1htfyzsyd3ydj99zygtzv5mww3tjk1f85tqhpqyd9qzw2kgn4nye2tst1dmd1mtdxmgenb7js9hw5bmtgrppb47g9q9r747wtvy6jzcnj5exer3391sy3e2pk1kq099b1vp7gx7nk7mk2vnb5qg56nsj3dtg4qva9r49fhq5xznh5r43hprvp1z7gyphen3a078yvaanq0kab1hjxb97gvw452kz4x4a56rvvemw4th6d53ky0dkr49g7ggfxqdy273xnsjhgxb1t431pvj44wy9tcvmmt29p5dbjv7g4wa0vzwwfdxra8gpsmvvday4azkq5bdkfnmjkry8acrekbwakpt1zpbmd4k3c21mq5jkkn5xmy91gq78mtnpvjxt28tb0gv2bz38deqkkqx74071ba7bf4y89eszj4ewpcmktzwkzj9p0g27qzy5vnb0j4p9gajn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061255
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5k4gJ%2FAVMvM2pvTpHBJ9mfYJtlCN73IBRad3o7Tqzy%2FeV9r2%2BqK8nRE7UC8nzgyGnr1TATf1dmAMWesXF4cKmq8lbqxaz40hbDq8nToSGD2u%2BR4ZuH8MsSD6KJuN%2Fo2cYDcjtL7lT5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837ffdb8790bbbd3-FRA
expires: Wed, 20 Dec 2023 13:28:51 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 58BC 24 KB
10 KB 34ms
33ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1htfyzsyd3ydj99zygtzv5mww3tjk1f85tqhpqyd9qzw2kgn4nye2tst1dmd1mtdxmgenb7js9hw5bmtgrppb47g9q9r747wtvy6jzcnj5exer3391sy3e2pk1kq099b1vp7gx7nk7mk2vnb5qg56nsj3dtg4qva9r49fhq5xznh5r43hprvp1z7gyphen3a078yvaanq0kab1hjxb97gvw452kz4x4a56rvvemw4th6d53ky0dkr49g7ggfxqdy273xnsjhgxb1t431pvj44wy9tcvmmt29p5dbjv7g4wa0vzwwfdxra8gpsmvvday4azkq5bdkfnmjkry8acrekbwakpt1zpbmd4k3c21mq5jkkn5xmy91gq78mtnpvjxt28tb0gv2bz38deqkkqx74071ba7bf4y89eszj4ewpcmktzwkzj9p0g27qzy5vnb0j4p9gajn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 533642
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XklkyTpBLxK28DmKD5fClGFINpG0wwN8qs656bQVfEtYrWB7PZ%2BJs6rb%2F4KAYHgOzt3BapTtw7tLCTcJt%2BLkpPx0yhsk9ax%2BfRZjxxm4PdLYG%2FxYWqcD6i0S%2FbOP9EKkkmPhqhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 837ffdb8790ebbd3-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:14:49 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 68C5 70 B
148 B 47ms
45ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDQZohqX96vaqJOekfT3LKI&google_cver=1&google_push=AXcoOmQ-6f8Xi1ds76sU2Kcp5OYWMy364RNtrCNYJkd-g48aamqAsKr1I4kjI5rBEm2wpO-dTYUU3dkAy-vN4D5Nj_FDRtWrgdGJU9Zo0FfaUmj64K0SYwlG-PSz8IpdtDqVTJhuqsP5uge_DWQojnayxNGj
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046729&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530338&bpp=152&bdt=82&idt=326&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079266%2C95320885&oid=2&pvsid=3606132586892117&tmod=1523838000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6kxmn0evvl1u&fsb=1&dtd=332
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 68C5 43 B
146 B 119ms
22ms Image
image/gif 18.197.41.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEG7nXsMCm1Ilrp-SIaMuO7k&google_cver=1&google_push=AXcoOmTT9VZTeUSaVhVDHWZyf_z8EF8uKA-ySdXArS3RPKJor0Ytd-4YjX2OMQGKykjLr-1Ee1OZbyEYQIZTTMeGwf0H2xAohxM82QSPaOuqgjeULsSuAml2iKCk98WxS7Fo-tgfD8_6wH8PgLMlf_ns5W1U
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046729&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530338&bpp=152&bdt=82&idt=326&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079266%2C95320885&oid=2&pvsid=3606132586892117&tmod=1523838000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6kxmn0evvl1u&fsb=1&dtd=332
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.41.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-41-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 68C5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEASlT3Y7yFrK2qzuE1Zw2P0&google_cver=1&google_push=AXcoOmSN85Z5Qn4y9Zkz7_Ckco1U0d90A0MglJU5LD3w4ImNBE7S_ylf6f8xWmsrn2efiE0vmDOfpbrd...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEASlT3Y7yFrK2qzuE1Zw2P0&google_cver=1&google_push=AXcoOmSN85Z5Qn4y9Zkz7_Ckco1U0d90A0MglJU5LD3w4ImNBE7S_ylf6f8xWmsrn2efiE0vmDO...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2NzIwNTQ2MTU2NTAzOTc2MA&google_push=AXcoOmSN85Z5Qn4y9Zkz7_Ckco1U0d90A0MglJU5LD3w4ImNBE7S_ylf6f8xWmsrn2efiE0vmDOfpb...

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2NzIwNTQ2MTU2NTAzOTc2MA&google_push=AXcoOmSN85Z5Qn4y9Zkz7_Ckco1U0d90A0MglJU5LD3w4ImNBE7S_ylf6f8xWmsrn2efiE0vmDOfpbrdr8znZRKV0y0VVzEpJGsGBB04D64w1fDSm2fBQXKNaOeKtWCweFrBqzIHxmH1kO4J8raTH65kQ6uY

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg2NzIwNTQ2MTU2NTAzOTc2MA&google_push=AXcoOmSN85Z5Qn4y9Zkz7_Ckco1U0d90A0MglJU5LD3w4ImNBE7S_ylf6f8xWmsrn2efiE0vmDOfpbrdr8znZRKV0y0VVzEpJGsGBB04D64w1fDSm2fBQXKNaOeKtWCweFrBqzIHxmH1kO4J8raTH65kQ6uY
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 68C5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmSbob_KEfFvhYAO89Sl7M13O5yf6WHc7...

170 B
188 B

37ms
37ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmSbob_KEfFvhYAO89Sl7M13O5yf6WHc76GugefqZxKWkbt1nrLPybp3yjS3S-seFUQIKqPMdjNB_9Kd1hkz6lMVjcWK7JLtus2KlCJ1ZKIFANdsUsjLnWPwSKgCE1Do93T-A-ydQlgrYhcJZW3BF7do

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsHRXHSvBB%2Bo%2BgfTQt5md1EZTW2b3obNMy7LKjseB6lu4KtmTEL9kh5hS%2BEbcCGqBCAzsh7RAE0EqgGLmcy6yrB24oXdNZ0hj2mN34T%2BmwJhIIdyuZyzHu3g5D9zHqjecN9GfVDE%2FldBMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmSbob_KEfFvhYAO89Sl7M13O5yf6WHc76GugefqZxKWkbt1nrLPybp3yjS3S-seFUQIKqPMdjNB_9Kd1hkz6lMVjcWK7JLtus2KlCJ1ZKIFANdsUsjLnWPwSKgCE1Do93T-A-ydQlgrYhcJZW3BF7do
cache-control: no-cache
cf-ray: 837ffdb88cd92671-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 68C5
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGpQ1oINF75SjAxFKtcIivQ&google_cver=1&google_push=AXcoOmSFTeNGzZlbEB7tFlcG92R-hnJw8Gkgl8S-UMYW_YH3Bsmb5TAWHn6tpl_im_kZ_bXge7OPeZROoDtCc6nrj...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSFTeNGzZlbEB7tFlcG92R-hnJw8Gkgl8S-UMYW_YH3Bsmb5TAWHn6tpl_im_kZ_bXge7OPeZROoDtCc6nrjmlEDp16gU90wCfFayacCcSc-ZRuojY34Si5M31AMMe2z...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSFTeNGzZlbEB7tFlcG92R-hnJw8Gkgl8S-UMYW_YH3Bsmb5TAWHn6tpl_im_kZ_bXge7OPeZROoDtCc6nrjmlEDp16gU90wCfFayacCcSc-ZRuojY34Si5M31AMMe2zUssZRO1S-_LTrWmiDuu0SSB&google_hm=H2OopGZHFL2Y1Z6PRDCVZbru

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 19 Dec 2023 13:28:51 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSFTeNGzZlbEB7tFlcG92R-hnJw8Gkgl8S-UMYW_YH3Bsmb5TAWHn6tpl_im_kZ_bXge7OPeZROoDtCc6nrjmlEDp16gU90wCfFayacCcSc-ZRuojY34Si5M31AMMe2zUssZRO1S-_LTrWmiDuu0SSB&google_hm=H2OopGZHFL2Y1Z6PRDCVZbru
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 68C5 0
45 B 243ms
26ms Image
text/plain 81.17.55.170
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOZspfgDP1wnd9m1X3PKOic&google_cver=1&google_push=AXcoOmRScxtSV-kGTzg20_Kz53kMQiWUoXg6qCqBorS6Uvby2nFp3syIGk2rMVLskUoKLfhV_AhQhHepyureaxg3ccOrMJdl6nQYJWb-dNnuLXgOai6VfPvZ8E8nXUeJ6sr-ei2vHju7myvN7w-I0g_4JVmI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046729&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992530338&bpp=152&bdt=82&idt=326&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079266%2C95320885&oid=2&pvsid=3606132586892117&tmod=1523838000&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6kxmn0evvl1u&fsb=1&dtd=332
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.170 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:50 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 68C5
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBxXBYK244M0kjeHJL5CMF4&google_cver=1&google_push=AXcoOmSnxjZlgIqOGY-6CZQOolvfw62N8HA3N20kyFVXknod693C1Iugmd_6noiX_9XqNxNnp9mmhmzLuXJ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSnxjZlgIqOGY-6CZQOolvfw62N8HA3N20kyFVXknod693C1Iugmd_6noiX_9XqNxNnp9mmhmzLuXJIrapC5zYvjptT0TtfEK7zRcy6dezgEHG6Ydvy...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

20ms
20ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 68C5 0
12 B 50ms
50ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LVNy2l1KMFwLUmCK8Bpkqqy67UGYQxLCsefioPGbP3_3sA6zYqbY-xJVlG21N4k9tih5Gzcw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 62BA 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssb7_7szokz-R0Macr30wSucyU8rPLjGBEqH46YKMzZQPHfHyug7gNivUYrNBk-qHcw-WTA-8tb4j3rwkKSQR6plpEdx89M4JlahW-XL8kku39uXSs0RfcUKV9Y4Q60D3h2bILEBWgFAgGtY1Yq9CN56e82NbsoaA1574spOPuSobjKsuDP9HcNCuUH83BQhgi6HHg96mh00xH_TBjNqQIvUA08X0puL75lIy0NJc2WqZVSxeyu-L7GrH9rIxqgJ-clwoTp9VYNgTL4zo753e3QfF_x8iqyo1hNNnxrHT1adTDf7xTNT78TuepVCzORempd5eMnN_6-DNPG0CZwpLg-VzxcnPdnWL9tRddqaswBpcp7mfngot8-RXFKTl_YXI2ZoQ6InEDyDys7fQPC-A&sai=AMfl-YS6IhbRxjxcjYWf4YPB83V2eSFuCdILhJb7TkqVIRRK0_QZ98aNCJIbRxsNXwB8no7xObN8NOF3kQbItqY&sig=Cg0ArKJSzHW2xUiWORNNEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 62BA 16 KB
12 KB 115ms
72ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24d55fd10e1f583d982282c0aa2808f8ec3c926196acae4d30825087631aabfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12227
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 983F 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttycOVO5ENkqQDHGI2gK09BInZl9P06wsKzanmaxQrnikeYkKdEsrDxpslBCoFrvaWiByS0BJ07Kndg0FbTyLwdwi5pk7fNgP6hrgR-65c8LYSkcS_pWpNZ-xK0j-cHdo1vDAM3YQClFYOAB2tsHj00xf5RSHqGdi7ynVXMi9OBop9_q1sJDgoPYdAfuAozujkxh4T05MQeU409FI1E2PWsiCqN_1caM-JcqwL7uMG9HInpZ1dwTQoJaboJCP-6czr-f0FGVfOP1RgBkZ9KpftEUgk83qRk54rUoi6urbRvRqY9lm5jU0PznBP6dmMrSwxU3r_qO6Wq4E2mOIOjaaU8OKwVYCEIj9KjUp86VECyuQrKqRWZHzrtKFVNo05GhFaGeJTgk6GO3AKA0dPeA&sai=AMfl-YSGh5znCaoLKkE9eKl0k_h9-Vc5cpxvkaWBw5MA1GUCmYwV0Y9bOlm3NTB0NmQJB7aJdH79z-70W-AL5C0&sig=Cg0ArKJSzOYFoZHbkr11EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 983F 16 KB
12 KB 112ms
71ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d272a62db237475ced121d23058f0a3856f59d43ca636903c5206fe12417fb71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12228
x-xss-protection: 0

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame F321 2 KB
1 KB 46ms
45ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1807715
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 837ffdb88926bbd3-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: Tue, 28 Nov 2023 16:19:58 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOocyajzGZPDsYY0xDuPz%2FRNC66rQT3qrFtwnGWRvwinZYlE3OPJw7S5fj2ZfEBFFQc86qbrQ5p3Lwn8FDk4jw0O%2F6%2BMDeOLzLOmmVITeTvDPMourXnCPabWnYOZr4MyJwgnQHU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 4289 2 KB
1 KB 46ms
46ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1807715
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 837ffdb88928bbd3-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: Tue, 28 Nov 2023 16:19:58 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcFgga3r12JH8NsxtGK2elY0BLmJ1CgapNjrNw41a%2F3PjBBdqWGMv%2ByCDaLlEx4KUaZoFG7KY%2FH2%2FIiaOohIy5eaI0OlfOjNXsP3u5i26Azjv7%2FdOtn2vj2PtHcEloliHiR85bc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 1DF1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d701f54286b5f0fb34fabb487e3bebcd361e2e2807ceeaf2d3738f0efb8bd90

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8C8D 24 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 8C8D 25 KB
10 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10277
x-xss-protection: 0
server: cafe
etag: 8188157995017847591
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C8D 203 KB
64 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1DF1 20 KB
20 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 10:23:28 GMT
x-content-type-options: nosniff
age: 97523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 10:23:28 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 55ms
55ms Preflight
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=COy6tkpqBZZLfKsPC7gOqwp-wAc70iO50vor4m_ARo56d6v9AEAEg08vOMGCVgoCAmAegAeiv7IgDyAEJqQIAiAy9cFWyPuACAKgDAcgD2wSqBJoCT9Bh0bdoHUjzpP6yiO410-sUMZnmhPMGA4St7zHWGZU_kApRw6wVYLQI7A6c_YckNVCqRnUeWMP68tMxwEn_DDSCMOZh2AYDUKhe7qQnWqDbFPbLpYWPSgSn1L0QqVgODfSp4NiHkS9sHBoEXdiGYLbCZ549ffZbOJxChofMTsh8VaocIeaP9qo3q_2IDYGJaS0fpRgdRfq5UDYEYP_Wr3uBEzHoEN_byPsTzTPgQgByA-LANd7uVHvZuoTMlOGTtRuiGq-qyDFjM3GIsxxdqp67I55i2t6DTJAbjKuLVVPSL2tRKWve-8Loh6Dvcrx1H3BIB4xf5bK3GGYKPY7CCRXh9AX79uaqGBjYNSrSDD9OsDiSjcnhzl0ewAToqvT1wgTgBAGIBfqp7JFNkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4DQk3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQqfUE0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljL_-3FzZuDA5oJHWh0dHBzOi8vd3d3Lm5lYnVsdXMuYml6L2RlL2RlgAoDyAsBogwUKhIKEOS0sQLutbECtbixAru7sQLiDRMI9Knuxc2bgwMVQ6F7Ch0q4QcW2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=do7hIDlT0QQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_sg5db1X8AQb5WzvaEYiKHODR9wzKSRgB&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 13:28:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1DF1
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=COy6tkpqBZZLfKsPC7gOqwp-wAc70iO50vor4m_ARo56d6v9AEAEg08vOMGCVgoCAmAegAeiv7IgDyAEJqQIAiAy9cFWyPuACAKgDAcgD2wSqBJoCT9Bh0bdoHUjzpP6yiO410-sUMZnm...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226260286297222306358%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%2...

0
0

57ms
56ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226260286297222306358%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210789102694540996945%22}&andc=true

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6260286297222306358","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"10789102694540996945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 13:28:51 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 13:28:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6260286297222306358","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"10789102694540996945"}&andc=true
access-control-allow-origin: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7933 51 KB
19 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 08:54:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C8D 0
26 B 58ms
58ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYZ9P-EOT8-w17krn_eJsSYUWeYoW-cCjxpqnyDdafJ0KAzWLKmlcSAPRUbcHhS6a2dhWNyFXrmxeCddjs2CDsrBmcxpo-fG9KjChAMnLO41qzsqeyaIIb5e96Zuf7apk7iNMtH7zXQJnLYqlDl8cW5JeWSzeaRF5C-dS8pTVQf0tFK_r4JnShBbVZkh7dk2k2HNVbbtNi-xampnG26MzrRWk64Ln1NwDNe7rhZNWGPTNn1gRCYmyYjgc52a20_HG22K7QhrcoQHK6ESB3rwa7sPC2Z17x4M65G9zR2YI7nd7IcMImL8Io8Kk7dy3QgIKShhzF16aVHRtgt0jHHQsHYeJy7I5_EodTMb7RuVPfJ1Z2nVY15IQnCZOjU0aJtQTqqDPg_C_F99BoWGc&sai=AMfl-YTMgC5cqevwwhShyiidIVw2U1wngu-TW0Thuj2kRywi3VF7p5L1ZRyu3AwVt3zyYXLB5k4aRo4Nfhe94Dg&sig=Cg0ArKJSzISYYmm2eOlqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4CA2 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1cJnDnpP1PNYd3sgnU4F9JoXSQwGyEF9iAsLRMCQHQ1_8nJROQkAiZnILyhjbw5CcS0Acn5RHR4sjQP0Rif3FvHVDXmsCbiL0c-J-vgZld1ugUF2vQUOgOsogaeCHQfARmecgYDyWg70Kg1iO4JbUULgUHBbqAKnWCgZh9SHC_deIyugOntOfiuSPfu5sfgzwNpBdHvP4IqxiqaTQYkBlryapAJnHR2E9RywIXO9iu5WYojf74o9PZOVOAF_jk--ptfATDD52XIBz5ruWbRQTFB52FL1NLuQSqFmXaYBiTrbGxbL5-YBpb3RQp79MeC_z9_5ztMv3F5TjIBGTwA98mNnC_dPGo7_ZcG0C5EttI_oGNDl9QFo99I2YNB67Ag_7PcMssseB0iy_jj3VEA&sai=AMfl-YSxjmif0GogiUlCWObT5C0_OxeXph9bV0qRwSTJzO1MsjmteD4B4RSYPeVrwlDq_uVSzjEWhKcBmBRSyG8&sig=Cg0ArKJSzOXi2kUsAnwAEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4CA2 16 KB
12 KB 71ms
70ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

989f8a7168be5e4fed8f3f3510943cd0d9be975efb198199462728197c655d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12141
x-xss-protection: 0

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame A15B 2 KB
1 KB 41ms
41ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1807715
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 837ffdb92a20bbd3-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: Tue, 28 Nov 2023 16:19:58 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b9IGB%2FHc2Jvqtx6vQFpt9bdgXwrkRg3EX5Z42%2FyRjw2vOayJU%2B9rDkHvYOxICW6f4fGklFOOS6tfcLkOI12Hs4PXa6RcwrcaZ%2BX6jSBlJphcA1F2EJejvap4INdTf%2BZZj1WRq0Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame C26B 2 KB
2 KB 52ms
52ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afae2eac90554df2efe3fce7d0734924c3d2a81ee2dd8f8b64c56441f4611f52

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YaY%2F%2FWmNqc0fKFgvzLJMDw%2Bf2OU%2B34V599HwA0OM1M9UQlpcMwhuWdF5MQYcQS%2FoyoNNjLh7Pf6LOdFcYn0M9HN%2FXZhCF%2BZZkMRkA8lgaUea1GMYw744N9MkTYulWEIRo7TiTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 837ffdba282e5d92-FRA
x-backend-server: aa-reachservice-group-europe-west1-q8vt
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame EEF9 1 KB
1 KB 54ms
54ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0154da7354c2bc2bce4b0e9bcaa8b9f755668dc8df2d4a10c2e1bdfe875f1aa3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtqS1fPYaYMAjdD%2BhVtAQgXxTYghcOW7d5pd4WulrQDxf%2B3OKVA4%2B5f3hS3ViXRdcYp78chwJb%2Bl32mFcHtxlUMdbgEIoBeMxGG6WO1wP87%2Bie4RZx7BIgp2ntdYOcOyINAtmUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 837ffdba28305d92-FRA
x-backend-server: aa-reachservice-group-europe-west1-q8vt
alt-svc: h3=":443"; ma=86400

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 983F 17 KB
6 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 62BA 17 KB
6 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8C8D 145 KB
50 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

874d0e0e601ca825c511edf171d530a06c8deb3899a707649e2888170b2c19b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51247
x-xss-protection: 0
server: cafe
etag: 12878017045444381551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4CA2 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 13:28:51 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 57ms
56ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 13:28:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A5C 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:50 GMT
expires: Wed, 18 Dec 2024 13:28:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 145ms
45ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 837ffdb9dfdd5d92-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Dec 2023 13:28:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oQLB%2F0tWbir7%2F3OBQ6uLpbhPEnn82zOnbvdVeOCrAYAHLl%2FFmnAuETPQ3gfEQUXXFaxuW7gKG4p8t4WUKbapAiZZwLskgiZlKwWTNknkc6M0qCz2ltT7SQvIJnLKx2hxwR4XAU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-q8vt

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 145ms
47ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 837ffdb9dfde5d92-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Dec 2023 13:28:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HifCxoy0fcAiSAh9rQ%2FssH0Vficv2dc6W0LIllJReh1R3wa34IhzidlYxKZiv6cmzJyZA8o83crWpEthAWfkUIeofQzpsGv8OS26YOX4RRd1Xk3tOwyRNBFSP0wyYTXSApXO4Ts%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-q8vt

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 91BA 13 KB
5 KB 22ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 11:16:32 GMT
expires: Wed, 18 Dec 2024 11:16:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BC21 829 B
560 B 32ms
32ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

26e4b525d5e224065fb46cee16b16e7056c7820d2136e1d8203c9dbb28b6bb1e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yj4qTEmn5GHS6TzF1csNWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Yj4qTEmn5GHS6TzF1csNWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: Tue, 19 Dec 2023 13:28:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C90 13 KB
5 KB 22ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 11:16:32 GMT
expires: Wed, 18 Dec 2024 11:16:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0D6D 829 B
559 B 32ms
31ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d10cfef260ae720a44f10e8ae68267aafe5037ea7ecdaf8b0acc2ba5aa2971b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-boofjfVATLZoGemTLv6EdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-boofjfVATLZoGemTLv6EdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: Tue, 19 Dec 2023 13:28:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F81A 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 11:16:32 GMT
expires: Wed, 18 Dec 2024 11:16:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4644 829 B
562 B 31ms
31ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

610bdc4a664ee94aa9cc90f26d530b23ce49a6ec6827aeeb6d6101b2da641e84

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VB3HSqjwKDrk6fWm84m82g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VB3HSqjwKDrk6fWm84m82g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: Tue, 19 Dec 2023 13:28:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 47ms
47ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 837ffdb9eff05d92-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Dec 2023 13:28:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVFWRiLCO9oqAUyw0MJ86bhzVJzt9l4Mn2cW7nB8GGfmHO4RyagsAWHqZ2f4FtlJefNBP5y68pud1%2BXfP4wI9f3GgO%2BmNlqa7U%2BArvAbaUfN3tqwTNjT3Fxvo4Ga8jgjnluUf%2Fg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-q8vt

POST
H3 200 rs Show response
ad4m.at/ Frame 58BC 1 KB
1 KB 48ms
48ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 388033aa75c99cb1710580cdc2d21cce0125ddbfbf182abeb442368a7fbd5b7a

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ri0k5yiNgllkLP6gOgwGYh4hyElPiKmHRLma1D4tfsRjadr%2BtJ005bR%2FSY1RhIqvPZ2jmGn%2BQqL0pDRZzb9bzO%2Fl3%2BJuUCokQGnrlBiD7ji5HLhuaK8g0Gg36WaiVWsGrsiemc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 837ffdba383e5d92-FRA
x-backend-server: aa-reachservice-group-europe-west1-q8vt
alt-svc: h3=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 8C8D 399 KB
135 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

657f06943a34735f0a25f30c9ea05c15e24c0985bbdb771e615182b03e03fa9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137959
x-xss-protection: 0
server: cafe
etag: 4616032106021055364
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7A5C 24 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7A5C 25 KB
10 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8d1dcfecd75072e5d920d31a9965c616a7a09d98ecd25071e3d62b2aff4329b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 5813878685834827952
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A5C 203 KB
64 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BC21 0
0 55ms
54ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1124386423904263&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0D6D 0
0 55ms
55ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3463301039266083&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4644 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3606132586892117&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 91BA 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 09:20:07 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C90 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 09:20:07 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F81A 39 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 09:20:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7A5C 0
26 B 58ms
57ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstD7YGHfuJ9RIkLfnPT6OYrgHjPnGMLnCMU_6jXj0I_ZsocLy-kCyydwB_tQYyN3j5ADA93KTnuaiGq5NRVD-HDgSxd6JiH_lQ553BsQm9d-kzdf-R8Sddh5YrO2rEJDmGYtbElOgoDAhPgQdc__hsN9QAmsTnfFU5Iyi45wjuII6JK--RLVpnqX5WnYTOHMSbYR5LHl0vGoKRqKDxFI1QoG513Sz7EAwgsmfo3m-U6uGDaA5s7rIH7x8tMD0esMpw5cCgnXviZJonwrw8UY4gkJZuipXUf3ux4cyJb_Ikbe0HdX4Oxc1_eW1eBeFIzp5To1yc11H1nYesbZh4-zXAk9ut64JKh3LksUbyew__sOP-OQTbNK33zX4Oxtn_B0_w2G_AUmmNb3PtwrSA&sai=AMfl-YT91hOvJ9Z-PptDUGnsjUp75WbSd-myu_xqfKuTRkW_GTObp6Ljf0ZS9jjspEAA0S5QeqHS_fKlXWTxRtU&sig=Cg0ArKJSzGwcci7VBaz2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame B862 9 KB
4 KB 48ms
48ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e6be9fc4ce7407c9c61a5b6ef8f57827eb630a17ca2c3915a16195bcf511add

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j7kb27bwrpehq9wy9kghecgpe3hk7fhj1bmthrmwxw5ncs6anpvyh2sqrar2yan2ge6weghj5spcsz1jqv5gz0ecbkmcbd01xfn9xm2ygkaevwv1yxzcg7mhrt8pw3kpwrxvz26fz3hkz5jy4fktr4zva07m2nn7afjdvvnra0sc6bk10gv060qp8njhg1vnd85vsdaje0nbxmq6sc5kmdr5p2dry23prtm30qcesababxpm9hdpjjhwkdwsqezd0cdf8s79xrk58n2jrd2wrxh5yvvteaxzw3wmsdh722x2p7shrerdtdtmaqb4j62yh3kg5qk6cefp2ee6nagnx563v1kf2n8qm9vcpdh1mxp5312bbzapyaehwzq14ney8ccxbv5mmg449sfafwew5rnrg3b20n8wekyv44mvrchs9dn6940x3jq2hr2k3qx7dm89an59m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837ffdba8d04bbd3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 4C17 3 KB
3 KB 51ms
51ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=82a2f3f0760066a9a7baefac43cd36a9%2F4739944954464993950&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gt65m2zajz2vh8hmmwstbjc18rvb6gz1xxtyb0np0ptpn17d8v5hzmjx2c9skhjpjxcwjrhk05gfdr274y83gd42m1efwnsf9rt8710ark2jpgy6x5x0nv4j7gqqva3525n0wsf8wxnx3bxkvfc6erapnc39vqe640p9jp4ysybnnmav2xf6hbaptc5cyhqck74qqkzydcgtp5b59arfxta0pcsp30wsrrj7wd0j5vtynyhrb027hetprjfjayn5pzy2n1mpx8afa59xe93sx35%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

780f26a815b945503629646bb8be45faa9545284bdb98e00c98f3ce1e67a10bd

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1ja6arpmrxcg6trd213q0javdegknbgezvfkbrg838j7wm31hxgb4xxn5mycvdbt17xedvyp8w179kfgkehg8vjyf8wghmvznfqsv7xrc8xhtpbj1pcdc6fm7206twcmmd5byrvz22w9646jfe3enf8ew5nxtgzyjezwwn6sgwvesnca6mh8sxx050xg9h2c56nncjp87kk50egfeh3dc969vg7gmmwvxw6brg91w23hcg2hnwn4002ryrxfrferq4erb2tsr7pp1d5n0z3eb84hdwcdyexqqqzsb91405ervz54xmhgfh353vcw0hhebsmaxrrdnrf8vv8cyqk6pegqbmy154qktsvx6ka0m83heetpmqmtxkmp83r5q3xzkm1qdckav32rxt215488kg72kdycsgc8x20srghf0z7br4fdvsqs1d1etnz633s26tt1kgez&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837ffdba8d08bbd3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame F817 3 KB
3 KB 53ms
52ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=19769&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd&c=320&d=50&e=&g=04c2c2fc5112ef957fba8b5ff16b90e7%2F15119798499113095724&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531558&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h41hyrfzzcnjmk013376tqwngqn76h5nxf6v28crepc5nyf67vnbermka0qq8met76bqaxqebq71f16bx93vdfx3gt3h05vy1fnb13rp04ch5jkgs701gzzhk21xyr0b57kxbzk4be1k9s5s58zbcbywgx27htzfmh5tv2sbe6nqwwf004k64spkasnkq0awp3qa10akd5jrj8zet9782xtd3ah5qp3rts9skv2vpjsrrfde9b15m0y63vtv56t6cv89b8sygqy2kp6m943wfb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a509cdf4895ab4f5b828241f2d2f4725570e1e641df0c1878a230c19250d567

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1htfyzsyd3ydj99zygtzv5mww3tjk1f85tqhpqyd9qzw2kgn4nye2tst1dmd1mtdxmgenb7js9hw5bmtgrppb47g9q9r747wtvy6jzcnj5exer3391sy3e2pk1kq099b1vp7gx7nk7mk2vnb5qg56nsj3dtg4qva9r49fhq5xznh5r43hprvp1z7gyphen3a078yvaanq0kab1hjxb97gvw452kz4x4a56rvvemw4th6d53ky0dkr49g7ggfxqdy273xnsjhgxb1t431pvj44wy9tcvmmt29p5dbjv7g4wa0vzwwfdxra8gpsmvvday4azkq5bdkfnmjkry8acrekbwakpt1zpbmd4k3c21mq5jkkn5xmy91gq78mtnpvjxt28tb0gv2bz38deqkkqx74071ba7bf4y89eszj4ewpcmktzwkzj9p0g27qzy5vnb0j4p9gajn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837ffdba8d0bbbd3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:51 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7A5C 145 KB
50 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4caa391874afacd6b0d5d2a894882403a726b3a1a3aadb9eb7cf7e320bd5d3fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51248
x-xss-protection: 0
server: cafe
etag: 17917788373178521461
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B862 115 KB
14 KB 36ms
36ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061255
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EztWIiCpZonuOOGtLxOI8Obo%2B7NMTsHnEfryztCYhTm7KpCzNUbWS410MptmNtHNrD%2BVDtZLvCHJwDSJGaU1kjOhzgL8x5BUrhIX8oKL6JJDfE9AuFxiyNcdTdTwYBGyXHFJSx2%2FsuE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837ffdbafdcdbbd3-FRA
expires: Wed, 20 Dec 2023 13:28:51 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame B862 9 KB
9 KB 48ms
38ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1755286
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5%2BF8dWAGXeE6aqSm0KP2hEFBiT9vsUYRaPkcyLKiT%2B58t20BK6I6cZcsuPNbKQ9eeGCQfhBkgep9dTxNbdOuh5NI7cgnXLOhrylwXWQ8ozf33p9J4wdt60PKHW8AqBFbk2xR4%2FXPqwace%2F7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdbb0d361cbf-FRA

GET
H2 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame B862 32 KB
33 KB 68ms
58ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3475289
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 33043
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:07:19 GMT
server: cloudflare
etag: "4248eb804269666620fb86952a326d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSIarjgxMKg3mBN4ZZbA3oZ6GEkZmlpk0YCIj0zZc%2F4%2FgBiNSrh3Qrl28u%2BDGxjkP4%2FRz%2Fmx78tNZpBdIOkV8gxpv8jdFkvPpHA8iEJbniye7deFS3cU14gQ17n1091eVpOr%2FibcaLjd7joQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdbb0d391cbf-FRA

GET
H2 200 2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame B862 0
327 B 357ms
32ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame B862 4 KB
4 KB 47ms
46ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 415056
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oj4LypkaDj4ueuJdSC%2FsbQJed0Nu4RmjyDqQEjhpU1RpIpfI2J6EjVSywvGZL8PB4n%2BFza3zQa%2FZyvDxfVhXcr3jQYx8tZtYfEWi6VxRPhMVy%2F%2BhzZvcI6UlFkhV%2FxYPIZJnXk%2F2gMPlfuap"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdbb1d4a1cbf-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame B862 15 KB
16 KB 49ms
48ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 957127
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CphY%2BkCGf7X52D54AD3vTlxrWQgXTvgP%2BlKCJlwCx8HVpsq1pWtFEqf83bKFYHXyGARyjXrAw1nWpOo7DR%2FGYkGHruKt7bXraLsCnT9nY35p1UV5sb9YVgwLj8ChvMSYfy8i8cMnoaNsWROd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdbb1d4b1cbf-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B862 43 B
704 B 114ms
58ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 13:28:51 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame B862 2 KB
2 KB 48ms
47ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 417783
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDI8u8SiRc5UY0G1bhxBd5OOcZ9lIfElti6RW%2BOnLynvmqLjPEOTn0hGTA7uKfT5G2edlUuqOEtjUIrT18Sx2V6PDmpBvmwx2bByzq7horSAOvEOoisqbyooPtOH5G1i3A2fSak5%2FzO19jo0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdbb1d4e1cbf-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame B862 23 KB
23 KB 49ms
48ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=120&d=600&e=&g=575e5c1ffc8d8a17e99e8fa86b7ec98e%2F7039146224033364183&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531550&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jqpvjzh7r4pbb5mhmv4az93a0y7dv76xng9gftgtr347qdb0t0wpm23rwkd3ngy22zn31k1mvenayb90dbh4558cz9g2w7jx5r7rg1tytjn7sx5t9r8b16y9ky5qgt2yj1yspgdwzr3earrxvx634jjfrprn93sk29r1tm38yy8416rthp2rvysmyrhema99k9bjqjgsesey1b47ggyqbpzzad0jgehb7g98xeqsfnp6zw0cdjf0ksz1j1rsqnzt43hkhw1022svpngfemwpntp%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCBmDjkpqBZbaCKrTs_tMP5a2HkAmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoE0AFP0O4hERuyz_9bzw8LRZsSLRsslQnYzl_Uh9yE5xXjQqPtofUF0JKYnyHozn0gMpuduN55tPOlz2tqEt_-wcjpvErKNAdEjUxsb72TjubiBA8vZrwjGBDSzgoHDVsWTjO-2OFATQB5eRsPB5JoN-_rYFHZRYMkggbL3ksD9QWOTRalHu52wYw-LoMNAQ-ZdrZyRmL3rgsX5IbPQeHyUytuKFTbY6slZzIhWp28xu9ae0972l1mKxGdw4unH2a3lo4IToJ9MeRbIhOgwRQ6fixwgAbv2uO31rnFt3WgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY88Lexs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2Ein2OYZ7lDSPeUrzj4JD_lQ0ubQ%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3475213
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjpZNQ68v6ITpeC%2F9uULboiN2ha2bbIkKttQwz%2BO%2BPD0MXWb%2BDpJwMC%2BJH4amLna7ZTz93MzM85zK9rKGQ3laSu1Ihsu7YuZEXwKfhqdr0OOzGtDD9%2F6ctmTOM3QkU%2BF4RQwmVFBzO%2BRWIQk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdbb1d501cbf-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B862 43 B
704 B 135ms
80ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 13:28:51 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 4C17 115 KB
14 KB 41ms
40ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=82a2f3f0760066a9a7baefac43cd36a9%2F4739944954464993950&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gt65m2zajz2vh8hmmwstbjc18rvb6gz1xxtyb0np0ptpn17d8v5hzmjx2c9skhjpjxcwjrhk05gfdr274y83gd42m1efwnsf9rt8710ark2jpgy6x5x0nv4j7gqqva3525n0wsf8wxnx3bxkvfc6erapnc39vqe640p9jp4ysybnnmav2xf6hbaptc5cyhqck74qqkzydcgtp5b59arfxta0pcsp30wsrrj7wd0j5vtynyhrb027hetprjfjayn5pzy2n1mpx8afa59xe93sx35%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=82a2f3f0760066a9a7baefac43cd36a9%2F4739944954464993950&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gt65m2zajz2vh8hmmwstbjc18rvb6gz1xxtyb0np0ptpn17d8v5hzmjx2c9skhjpjxcwjrhk05gfdr274y83gd42m1efwnsf9rt8710ark2jpgy6x5x0nv4j7gqqva3525n0wsf8wxnx3bxkvfc6erapnc39vqe640p9jp4ysybnnmav2xf6hbaptc5cyhqck74qqkzydcgtp5b59arfxta0pcsp30wsrrj7wd0j5vtynyhrb027hetprjfjayn5pzy2n1mpx8afa59xe93sx35%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061255
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHzH7E8jSr%2FBG9rTSsmZuKOv9UwhK7iX76wnsWVN4aWV2b9ypI55AvMgNJ4SBnDlduDFM2k5%2B%2BvCq7FrZqq1y14veNssnZQPuoVs7PuUhne1qIVtJqKIM9zzvUwigVfw88tivDbJpS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837ffdbafdd9bbd3-FRA
expires: Wed, 20 Dec 2023 13:28:51 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 4C17 9 KB
9 KB 45ms
37ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=82a2f3f0760066a9a7baefac43cd36a9%2F4739944954464993950&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gt65m2zajz2vh8hmmwstbjc18rvb6gz1xxtyb0np0ptpn17d8v5hzmjx2c9skhjpjxcwjrhk05gfdr274y83gd42m1efwnsf9rt8710ark2jpgy6x5x0nv4j7gqqva3525n0wsf8wxnx3bxkvfc6erapnc39vqe640p9jp4ysybnnmav2xf6hbaptc5cyhqck74qqkzydcgtp5b59arfxta0pcsp30wsrrj7wd0j5vtynyhrb027hetprjfjayn5pzy2n1mpx8afa59xe93sx35%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1755286
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsM2uTmQ0%2FhpwYTNfdjU4pChCvm46HHsI04%2F4CxlC1f0ZNODw5AIqjZ80HFB84ce48w7rCXwgKuxgw3KyMubXqjwpT2d4Sh1%2FVMxDrz7D5na4ilXLHvXGZEddvgTPon2ukMNde2TocNUejjL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdbb0d321cbf-FRA

GET
H2 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 4C17 32 KB
33 KB 47ms
40ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=82a2f3f0760066a9a7baefac43cd36a9%2F4739944954464993950&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gt65m2zajz2vh8hmmwstbjc18rvb6gz1xxtyb0np0ptpn17d8v5hzmjx2c9skhjpjxcwjrhk05gfdr274y83gd42m1efwnsf9rt8710ark2jpgy6x5x0nv4j7gqqva3525n0wsf8wxnx3bxkvfc6erapnc39vqe640p9jp4ysybnnmav2xf6hbaptc5cyhqck74qqkzydcgtp5b59arfxta0pcsp30wsrrj7wd0j5vtynyhrb027hetprjfjayn5pzy2n1mpx8afa59xe93sx35%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3475289
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 33043
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:07:19 GMT
server: cloudflare
etag: "4248eb804269666620fb86952a326d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3VC4v30xSpMDZZ5CFwI6Qo3NksYyzkk499INDeTrOhFGMLquYJQN8hufwP6AkiqCIHR1Qlu%2F%2F%2BItWSFL0U0YwRff7zGw%2BssHJN3gCTueggkvx0SM4e2Ue%2B6wgVARVS0TkLbAb2HzzpE1%2FDJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdbb0d351cbf-FRA

GET
H2 200 2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame 4C17 0
326 B 357ms
32ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye&c=300&d=50&e=&g=82a2f3f0760066a9a7baefac43cd36a9%2F4739944954464993950&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531554&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gt65m2zajz2vh8hmmwstbjc18rvb6gz1xxtyb0np0ptpn17d8v5hzmjx2c9skhjpjxcwjrhk05gfdr274y83gd42m1efwnsf9rt8710ark2jpgy6x5x0nv4j7gqqva3525n0wsf8wxnx3bxkvfc6erapnc39vqe640p9jp4ysybnnmav2xf6hbaptc5cyhqck74qqkzydcgtp5b59arfxta0pcsp30wsrrj7wd0j5vtynyhrb027hetprjfjayn5pzy2n1mpx8afa59xe93sx35%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCMGH-kpqBZfuUK9eCngXSq6nwD5DhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTTAU_QhI243KW7R0qqcbXpb2fzAJdJ-Hug_qKbATBIfvaVNOdkWpet7mY-KLq40MqiZJhMTVRYFLuZStIL8PjoVHkVSwm5E0anBo1HzqvMQuwOBUniwKMh96OuyJLF-b66fqbwtOHgpbFWwTAOPpgOaMxjDIsKbSQEbwe16Mc50df91au5DvGfvqy59OSdrezJ7oVZS_f6JZ2mhqx1WvAq347tZO8qzXWraPWsUFTyEj_LzGLQipFH0mfkHMBtlZCoGvQGj07etKfBrfhx4PId8huqT0OABpqW_rH7lvf1yAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYg8nfxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3DfWg-kpOgKSp_fLx2YL4p7g5QHg%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame F817 115 KB
14 KB 54ms
53ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd&c=320&d=50&e=&g=04c2c2fc5112ef957fba8b5ff16b90e7%2F15119798499113095724&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531558&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h41hyrfzzcnjmk013376tqwngqn76h5nxf6v28crepc5nyf67vnbermka0qq8met76bqaxqebq71f16bx93vdfx3gt3h05vy1fnb13rp04ch5jkgs701gzzhk21xyr0b57kxbzk4be1k9s5s58zbcbywgx27htzfmh5tv2sbe6nqwwf004k64spkasnkq0awp3qa10akd5jrj8zet9782xtd3ah5qp3rts9skv2vpjsrrfde9b15m0y63vtv56t6cv89b8sygqy2kp6m943wfb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=19769&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd&c=320&d=50&e=&g=04c2c2fc5112ef957fba8b5ff16b90e7%2F15119798499113095724&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531558&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h41hyrfzzcnjmk013376tqwngqn76h5nxf6v28crepc5nyf67vnbermka0qq8met76bqaxqebq71f16bx93vdfx3gt3h05vy1fnb13rp04ch5jkgs701gzzhk21xyr0b57kxbzk4be1k9s5s58zbcbywgx27htzfmh5tv2sbe6nqwwf004k64spkasnkq0awp3qa10akd5jrj8zet9782xtd3ah5qp3rts9skv2vpjsrrfde9b15m0y63vtv56t6cv89b8sygqy2kp6m943wfb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061255
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCmfCuw%2FAdjrfHdlrfgV4rYC1lc%2F5oN3nFzTiCOraqW7dJ7smD2pF2B2LloT4V1sak1tHTAp1YoRm9Op7AUuGxUNukXbNrsOd35SGYVHwD%2BBnJOqdz5Or1%2FPiQvEn2WT4f6oyYgZsUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837ffdbafde2bbd3-FRA
expires: Wed, 20 Dec 2023 13:28:51 GMT

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame F817 4 KB
5 KB 61ms
56ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd&c=320&d=50&e=&g=04c2c2fc5112ef957fba8b5ff16b90e7%2F15119798499113095724&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531558&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h41hyrfzzcnjmk013376tqwngqn76h5nxf6v28crepc5nyf67vnbermka0qq8met76bqaxqebq71f16bx93vdfx3gt3h05vy1fnb13rp04ch5jkgs701gzzhk21xyr0b57kxbzk4be1k9s5s58zbcbywgx27htzfmh5tv2sbe6nqwwf004k64spkasnkq0awp3qa10akd5jrj8zet9782xtd3ah5qp3rts9skv2vpjsrrfde9b15m0y63vtv56t6cv89b8sygqy2kp6m943wfb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 415056
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Id1vX543j7RWI6mRpVpEt3JJQyXQ7chAHBzkcCgVsHm7zTXqfc0RCN8TcnuobRusBd1tUMvMBbY%2BOjj8RQA44Mh5LcEd3prAv%2BgqBMsbVcp9fUbrsHdRxwr2G98glgVJc4JWLBMBom0VglTu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdbb0d3b1cbf-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame F817 15 KB
16 KB 41ms
36ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd&c=320&d=50&e=&g=04c2c2fc5112ef957fba8b5ff16b90e7%2F15119798499113095724&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531558&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h41hyrfzzcnjmk013376tqwngqn76h5nxf6v28crepc5nyf67vnbermka0qq8met76bqaxqebq71f16bx93vdfx3gt3h05vy1fnb13rp04ch5jkgs701gzzhk21xyr0b57kxbzk4be1k9s5s58zbcbywgx27htzfmh5tv2sbe6nqwwf004k64spkasnkq0awp3qa10akd5jrj8zet9782xtd3ah5qp3rts9skv2vpjsrrfde9b15m0y63vtv56t6cv89b8sygqy2kp6m943wfb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 957127
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fk2Dz%2BIzF2kHYmzUFBNWYfs893SdKElcbreZMIAQlwdFfZpvfIeXKvMxsnpN5HSwERMjv9CEcnb3K0hOTBgOtu7zNv8N9qgBlZQD%2F%2BT%2Fz%2Fyf8iKowW7ljzKO1QOnRh%2Bfu9d3qaFM043k7ySf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdbb0d3a1cbf-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame F817 43 B
704 B 171ms
117ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769&b=jk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7&f=xmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd&c=320&d=50&e=&g=04c2c2fc5112ef957fba8b5ff16b90e7%2F15119798499113095724&i=21630&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1702992531558&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h41hyrfzzcnjmk013376tqwngqn76h5nxf6v28crepc5nyf67vnbermka0qq8met76bqaxqebq71f16bx93vdfx3gt3h05vy1fnb13rp04ch5jkgs701gzzhk21xyr0b57kxbzk4be1k9s5s58zbcbywgx27htzfmh5tv2sbe6nqwwf004k64spkasnkq0awp3qa10akd5jrj8zet9782xtd3ah5qp3rts9skv2vpjsrrfde9b15m0y63vtv56t6cv89b8sygqy2kp6m943wfb8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC-VNrkpqBZbnzLoDF_tMPl9axsAOQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0IBLb5qqUif6JYoNjnH5b7ip6Op5zAcn03jsCRnkB0lCtK36i31BL4mCSMlttUW-eT_W3l_vZh_4lTpGbdCUtYFCh2gMJeTy9FvKb3nJ8Jgh1FAmhOddU-Ey397zSI8A63YYNngto4kNdWBQcXilXkuCBdG3idOs1lCP4DLiIC67Iy-eANlatxrOF08AggVoVpLLGQtEJ4F9yBDrDoUzxgbcQOnAJ-BVMKUblcdDAygj3lSyQrkcLoHxNupjkHYM-2bwfbEFBafGFUsQ9iyABvra74OwvNiX7wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYus3jxs2bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_18uW6PjgmqeaKPVGz--AfNhiEgcw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 13:28:51 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 91BA 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3EHEzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9C90 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FSIu4Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F81A 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6JbsKA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A01 603 B
65 B 528ms
527ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=100&slotname=3654094576&adk=193636013&adf=3173046727&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531396&bpp=116&bdt=106&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079980%2C42531514%2C42531705%2C95320884&oid=2&pvsid=3070742680505491&tmod=896271259&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.g4xc33er71j0&fsb=1&dtd=365

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 7A5C 399 KB
135 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3654fdc8bbe4f55644ae047081eda8ce9e5532dedfb86df23519fb6e7b5419e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137962
x-xss-protection: 0
server: cafe
etag: 15976714756569914186
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 container.html Show response
d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 518D 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:50 GMT
expires: Wed, 18 Dec 2024 13:28:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 518D 24 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 01:36:29 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 518D 25 KB
10 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8d1dcfecd75072e5d920d31a9965c616a7a09d98ecd25071e3d62b2aff4329b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10281
x-xss-protection: 0
server: cafe
etag: 5813878685834827952
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 518D 203 KB
64 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 container.html Show response
d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC67 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xgcartoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:50 GMT
expires: Wed, 18 Dec 2024 13:28:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 518D 0
26 B 65ms
65ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-_L_5ZjDlswH1Ztb4ART3A5eNWGjND0XxaSj6zlllq5scC_ji9OwZZEEGKi5pmBZx_ofYCtnERjUcxRxoFX-pmIXsdTNXRi0SzPRWXk7SBghZmZpa4C0248_5rtxj7TXVh6htg709xFLL8SAhaI-P-D6X4XmtV04NppVNiyJ7Lkmq3ubFPMMJYs7hhxJPOROamFKNBaBS0nTYfFwSV5gAfIqThqaZxmDR4POwJqu16NR-ntd2hMo_f8zx5-0rqFdfy9_0_54M7xJAtK3IM3RsiYv3-u2Xa37f6ayhyiVNs7nUGmjqbqBZLrI3bvLfEZTDHMGLqEZGdujW8zzLVv6XGuVOZBDAebyGs91MLkqaO6qsb_2b49A&sai=AMfl-YTAyoak3suL0cHqi7S6pCwf1hRTADUdVMy7t-BXkVNm3W6i9Bl3vGIcSarCK-eW7ipAny8CXwYXIGMJOKE&sig=Cg0ArKJSzGzTKSJQPaPrEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FC67 2 KB
822 B 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FC67 23 KB
9 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 23:00:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FC67 3 KB
1 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7941
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 11:16:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FC67 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC67 203 KB
64 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame FC67 37 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:56:43 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame FC67 28 KB
28 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRfL3rq18n9KAN47vssaSeXbg26Mozm1-W6w1Bzr-JaWh1R5xoxY-M_wbNvJg&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 10:43:28 GMT
x-content-type-options: nosniff
age: 96323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28680
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 08:02:34 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 10:43:28 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame FC67 29 KB
29 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQlIb-Tc83fBTFG0sT5wK87x0AMnNRLKY4ysKJr8nHPzttTa2osu4Agk02wRw&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8102bbc40c56e9c1d59491b9b7c02a1547c0f98558c57cc275447173ad2d836a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:02:25 GMT
x-content-type-options: nosniff
age: 451586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29354
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 05:32:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 13 Dec 2024 08:02:25 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame FC67 25 KB
25 KB 35ms
34ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRNQ0-2xuZfNh2P99WmmEKD5vr3HPj7nmwR_MifsG6Cvpd8kvrtoDm6FA1-qWI&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9b1eb15c0ab4bd7c37458f34ecce3d1fafc4c7837bc8d406af18cf1a6ce2f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 21:25:14 GMT
x-content-type-options: nosniff
age: 57817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25620
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 07:16:13 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 21:25:14 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame FC67 28 KB
28 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRk097F23g6c9FYbptlhwhRqSxFIMrC-_K_c3f7PIPXtCRxd5_eNIq0rwI36_4&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9166139867849f520e589e2539331b7a59c0e2bd96b52c277d15461643b2ce9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 19:56:55 GMT
x-content-type-options: nosniff
age: 63116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28277
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 04:22:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 19:56:55 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame FC67 33 KB
33 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRRdpVKbGqc0LCXWPSHBe3tsgUtziy84iM-l99Yeu5zONCASvBlaeCgQQbKZqY&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09ff515b348a4ce7cdd1d76d114395a8702e8f438157fadf05239ad980bb416a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 20:52:55 GMT
x-content-type-options: nosniff
age: 59756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33426
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 08:04:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 20:52:55 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame FC67 32 KB
32 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQfrEK6R0YDY20I9r1XJCowuTECuast6twW-JhoqXgJKErjNuV96OJvm7Pmi1c&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d3841af6833efbffb0cffba7ad72c14c7e398d2ad9a600bff96f888dde894d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 01:16:04 GMT
x-content-type-options: nosniff
age: 303167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32945
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 05:29:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 15 Dec 2024 01:16:04 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame FC67 33 KB
33 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSq47Jly13gtxJpswhB9Enyx4qoYib1qswOp7PWawzDmuVcN4VodbNBRA3uqw&usqp=CAI

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93737113c851f8b04daa3b1b47c0e1aa9788ba2cbe7cd2c2dd3d6e8757c39104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:37:07 GMT
x-content-type-options: nosniff
age: 114704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33328
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 07:55:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 17 Dec 2024 05:37:07 GMT

GET
H3

200

4558490222349370582
tpc.googlesyndication.com/simgad/ Frame FC67
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODYxNuVDxDGCxjGCzIIQz3-g85c2Yg
https://tpc.googlesyndication.com/simgad/4558490222349370582

16 KB
16 KB

27ms
21ms

Image
image/png

2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4558490222349370582

Requested by

Host: d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
URL: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b960232209a48625cdde26c939de1bcfcbe82d31a7ee6960addfb3ecb34897f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 15:50:27 GMT
date: Mon, 18 Dec 2023 15:50:27 GMT
x-content-type-options: nosniff
age: 77904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16641
x-xss-protection: 0
last-modified: Mon, 09 May 2022 17:37:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Tue, 19 Dec 2023 08:51:39 GMT
x-content-type-options: nosniff
server: cafe
age: 16632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4558490222349370582
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 18 Jan 2024 08:51:39 GMT

GET
DATA 200
OK truncated
/ Frame FC67 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 538b02504c41e14ccce9818aeaaf9ee6e917db20ba4548fd10bb1c28dd3f25c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 518D 145 KB
50 KB 90ms
84ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b41b08a177a2b27244894854a59687a06593f89f5d691f5ee2151d6a0927a919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51251
x-xss-protection: 0
server: cafe
etag: 18138569582624637645
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:51 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 456A 39 KB
16 KB 402ms
401ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c8ff803e96d4d73b55b0454c35abe2a4344296878079358b87714a7db9e55bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16798
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 518D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f04ba1b77511a11124ca2b976fc47318dec9399e257157ac6fcec78d15225fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FC67
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=COGavk5qBZermG-7G1PIPuYy6oAHO9IjudL6K-JvwEaOener_QBABINPLzjBglYKAgJgHoAHor-yIA8gBCakCAIgMvXBVsj7gAgCoAwHIA9sEqgSZAk_QQ4bc_DorjpStPq2ZjHSDawsp...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211342364959018316003%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%...

0
0

57ms
56ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211342364959018316003%22,%22debug_reporting%22:true,%22destination%22:%22https://nebulus.biz%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22823859176%22],%2222%22:[%22true%22],%224%22:[%2212-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225976240902245503457%22}&andc=true

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11342364959018316003","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"5976240902245503457"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 13:28:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 13:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11342364959018316003","debug_reporting":true,"destination":"https://nebulus.biz","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["823859176"],"22":["true"],"4":["12-19"],"6":["true"]},"priority":"500","source_event_id":"5976240902245503457"}&andc=true
access-control-allow-origin: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 55ms
55ms Preflight
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=COGavk5qBZermG-7G1PIPuYy6oAHO9IjudL6K-JvwEaOener_QBABINPLzjBglYKAgJgHoAHor-yIA8gBCakCAIgMvXBVsj7gAgCoAwHIA9sEqgSZAk_QQ4bc_DorjpStPq2ZjHSDawspIrWpdQ0-yH6mkRdqp8k1VJgGFsvPtbpJz6f96FYI8arO2rTYCTothLlPAAJD-348pEW2BbXMmrDglrZxpry2PAxyk3kVPfqCVcCc04I2DSsF2ezRq3r8BCGtnOLy03FccnLevhRtCaNoW5KpnLztY4ooY5gIymjK7_7B4oxcSfudlcbrTjyvNoqLOrfJhDLBk7uaWXsmwE7WLG_zjmVj3gIr3fKpMjfcy0LgPKYRm6Ba35hirj6dVPMUxCEmGJdV68HrJIdQVdNGgUMk1DxH__pbUQ-p73NSuoujAb6qHfO6aHZL2BqAfIpCluHU6cazQB05VbXDSsPzOdcIg3PqWjXIh0prwAToqvT1wgTgBAGIBfqp7JFNkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4DQk3eoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQ78QC0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOljjn-7FzZuDA5oJHWh0dHBzOi8vd3d3Lm5lYnVsdXMuYml6L2RlL2RlgAoDyAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAuINEwij3u7FzZuDAxVuI1UIHTmGDhTYEwyIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzAzOTE5OTUwMzQwMzYzNBiZ0iGyGAMiAQA&sigh=QcszVsKzvcA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSGwAvHhf_JgAZ-7TB9qmHJTsLqIvcPVgxzH0IMRgB&template_id=494&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 13:28:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 86D7 51 KB
19 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: www.xgcartoon.com
URL: https://www.xgcartoon.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 08:54:47 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ Frame 518D 399 KB
135 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

657f06943a34735f0a25f30c9ea05c15e24c0985bbdb771e615182b03e03fa9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137959
x-xss-protection: 0
server: cafe
etag: 4616032106021055364
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:52 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
56ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 13:28:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 983F 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1124386423904263&bg=!d3SldDvNAAY3kmNgF5I7ADQBe5WfOLzWlKk_zc0190uK377bVXsgBhRUMabf5aNZj0L2AbVf3aOosPtJcyY_3AXAahytAgAAAIpSAAAAAWgBB5kDS2_MF9cLX5IWf67ndIf3RzZ79yPc6LWLf3hMojiun-BtfUDBVW5Cy0KWclVntOv4WhtG9iKu48XNGAzaonMBUYbRZpinZsIj5dKdtrBsdAzOB1AO18jn--66UQQe1dI0w8TO6IivW7z_-J31MOKFzdvQqYA_kGC8n4XY7jAHn3hqE5PswlUTyR562cgiypVkAMORAFYKuZiLavz0ZCxKAa7whNrXy55iIbOlNlUmMpXbgEzoP90KFseX-CLUk2LP9lJb-eJ_A1AZyWByuhZaxY6QKzBiIlKm0eKa9clvu77xFKfaLR6fuOezxf7vTvTWPX98Xz_c18GEDqBaL5ciIe_riyLRBtsvTwXKqh8_8W0fHtDD-pM1yDGdsuCZCI8SpU5dmfUtWft1BvyjhBIMZ6xw05lnEOcVUEnvQ8K16nwX_oXskOm0r--Mq8Vyr5oBe3vlR2WnZba-2bbdvyB6uNRrXfZA4AIU2m_14QmF1aLSK2oqFfnXXe3XUFrvDZp0MyQu5TId-dpQJ4F3EHfHAi3HQGCTx0vhS-ZlmBmfXXGTbxBOVA8aj0iTH74-a7CUSB2mpkR2Ti1Ra68kqak638gmbj1gyjozXLMto5ZEp5VkWFR50KogKfHLt20in8sKwcf1myVW9E12ItM-0mP5OE8mhlAmcJYRYfJ5Eu3BCvOhzf1eKsUFuwaPScbNN6G9QpdUsZ4OxCNanjt3jXKbHCxxMpIB3mXjL5eGkymVQXO9yvyhmrOY-FmdT-ZSC90tcp-MypfhOEPFqEtoyqan5xxVxBimOZ2xcg8gr7ZshKyO6PY8R5U7k7MNa-xZuDKJmkNvZp1u37ypjGmF_GMjM8qStKRv2xGghf3k8U_SOrGHVy8rRmiEuQrCKYEGx_oKGN3HGdCKnuCB57y3HkNg8E8vUsrWkAJnt2YZDsTNkHTlEgbYQ4J3BzkpHw_GqXZVbSnnVH0p0UpBYnurvx_Z3sne0cohiwDa-P7XqdP8dJt7iJZTbWa2pEF1xJ2K4W9ggxhaJ8gxEk3ubh6yGRvXnj3R0IfD9Kpt4V_-K3GTcEJ52t0mbs_99LeFj-j4l9e3r0A3GXXSmA3L0kbiIrKNZi9gJDUqedZf4ykKjA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 62BA 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3463301039266083&bg=!AQKlAk3NAAY3kmNgF5I7ADQBe5WfOJrIpMBBpAjNXeo2XkmMIIBipwLVJu9gXfMYmZd9RyAGQ74CYq-dFWBp7d8eDgdRAgAAAJdSAAAAAWgBB5kDVH-vDey2MUx0xwgdwnbLSQzPRm9wllU7SNhg0K_62di0kRT30zw0qKWseOvGJ0J6XMNtHmbJnIVss8LDM5ZlgrE8v10TSyHBrJl4tT7dMLV0TCOEIZWX1lAtZ_wfmj_FNjkoi_AAUFAa4YPX_jvNEeFAI8-Mbt4gAJRSOHcyRxBj-SBObTVxbxsZJ6tpsCB-ZHaE12K_e7Lz5DzWtGzGUTyDqilKOy4Xny3eaw41UPlSyh3NO0RDCMBPTcfJO68NQ3DgHsBM2qabnkOqrIfLeNgJENEvB78BGoTu2jGPN6SmxEcwozdS4TMS6mYma9Q_xWc4ycXvbq8vCAS-eEG3ndp9G5lTHQdnX6jEjloIOV711r15F8vvksvP0o1x0RDiKelE-WMFcYNm7w2NIl5Hkq_WcUKF5LVhYlvz4t5SG4ZzlTmr21OxAyzNpwd3f9As50kwrYNSC78rmuvvOzwUe6B5r_D3-JSi06LLVzqNqLOThAqxejdku-sbYzxceu8fhoVHKOgOioaI2DBVx5dzRTD_zazFBfmpYYx5hoJRfzdYvsPp0FJgo6nIucCUB6MiGG8Xea6iHNyVVfaIgrTi4Q1GnrJnYMPhEy3ui72xawJ69W2K5R-9ZR96DERuQtcKvruGvmx1C-nV-QAKDwduz5zwLmbdurDf5e1IPOEhdGtHpE2zm8XBKGp2O-FLbCxIED4Q21KPMYsZUghVmKdP13GXMWEWsiAHN6gOIP7gz3PsQj3tXkO3CSuAxn5a3XfHsTkF3Ii5qZ4W1UgIksN8yq4nGENms1tlbaqf4_e4xSV2pFGEIwkGkzBgAZRdnjA23kXil6n6L1cY45lNcwB8xzDEI08PGXZ9opLUa7dBMaSf9sxF0YVXIiBs9iU-11lCnUHzDRZSmCGIFxKtHUvSVofvliX7TiF1Ojn2e-G1etw9ZPPJ-NGmgwzvWbdSdg-z69vRZro6uA-NW_etvB59VNVWUcqSeKto_VMdzfuEhTW6soIzrMl92nCxWdhDMaNueueSxhaBxtkuwWnXXrNG1vGgYAQ7RGaMcCMpesi4Q-k2zBr9752sEW7s2HslFPhy4pRANXgyQWlr8kyck7_eeRyJpe0PEid76EEMRaz2rG14vV8DNA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5192 38 KB
16 KB 409ms
408ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046725&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531939&bpp=126&bdt=89&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1910587181&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320868%2C95320884&oid=2&pvsid=3459210345517852&tmod=1566219697&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zho22i8nz53m&fsb=1&dtd=368

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe773bf6d489549e8867fecbcf67da262edd5d5530424ff2f151e82feb528d2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16263
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C8D 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseFZ5FS7mTRknGeuHRlFbEbpdWE6OLIIZk0WyC08aFatQ5Utv8p2FfPmnMMVVZLWyFcoh5Kk0R1YI8EeGAsM5t8XED4rYZCpWXrYXbUrpnh6If23FYv02E2QZ9-YaavsNr9BREqSMM4xJn0uIBPOt6vFmxLdJfBS2o-qGSqHTbNneCbkTNhEoSvv__w89fwBxBg2Hc9ni3AvL9e38doBmQAt0fH9QhO2U5Xtqxuc9OKY6uJrIVJry2jyH3lr2tQl5aKZSdOm2HyxJmn8Q3vkxSYYL_KRe0scypa-OCLZWJTFegRzSkF-sfezSmw5TDJ2MNEo8XfL0BxaagI-QZxOsjoSmlNyc4crfdkrmsRZzyB4yI5g0bT8LeNCkFQPbZMvj9c2gf-g6Vp9gWibxtsg&sai=AMfl-YRSsXEhd9PCV3dF4HQwlRQmwwEUXXH1JKLzChuOkRBpXtajf0ZOOQv-poK1Wuh5i8kDNIRhawJLOLMbIN8&sig=Cg0ArKJSzH6RrmUn9OkYEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 13:28:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8C8D 16 KB
12 KB 72ms
72ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

417823dde6bd23c1c42930a1a36e850148e826c50bed34988c797c33b89b3d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12243
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4CA2 0
0 58ms
58ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3606132586892117&bg=!UVKlUh3NAAY3kmNgF5I7ADQBe5WfOAmc3_b4BvRwjEG_1R8DxS_zMCGm-CXEw6luKE1_yxbBWFmtejOoZrauFkwZlOW4AgAAAJFSAAAAAmgBBwoAK6HrmGL2csy0kPwbY0q77xHWrHtxNv4JR0ApNmYy7JCOq2NLDasBQ0rMVceZAzN0tTh-PeZysiUn0Q6l91O1ScTltF3aAqG3fG_WTpy33-vXbPNZg02S9YBScraMUWacfI3HZ49e3PdQPCtB66F--EwrB78n3AhvejtNiuklRet_Kt7QOx-7tt4IAOTtKdQjyNuiBjCIR17IY6SjuU1z6-6eAM5DPKRFNfSSiHH4rW3m8d2qXcxRuxYumUdcgjfhzXAeVqAd6gfK-JwVJF1GfIjb4O4GNfLTJJgIhChGvkWLdrH3OzTAibFt2oJueaZ42meDmDsICAaunjsh02VRjBYK8oXsHlt34v-sq7EYvuC1qXQjOAUN3qVC66bdU_Yoo1OD6qXZOQAliHYre9xrMTmLnrJjd_rtShDSrt4Ptu_WgPlPV3jwsDms7pJfh7DecNPZf-Ns4wCOkllBcRHeY7EQjBu_vLKPIQKJkz5Yp3MgRrYGs-IjKBFA6uAhwaeEzQ4jYd-hwYJqhcem4GhOJNtattdhtoWCWAQBmlySejsccUrmW4akpt_IvkSWRprvAHlO2E_0T5wSndQI0U-Yv0m2AdZbwFKPIf7M31g4e-La-jFwscntijR68AmymL1M_bm2cpYuEevXQOSuxHvHaJecYXGGcd2H9ijBdrQoA-LJu3nhd4-3OP6VsQelDXYpZvQdoeqYD7E035L4LyT7ce_hgwj-M12F_P2O3MEl_llFLD_oEZYuZbquyqdndk7oLjXYEbls6R8-5oBSxiSm5sJdFOU0Cwq3x1QTtxpiVwueeolvcdTE20wjZCU9ZWRUx27ydXiQry-X2L_NeMNQLmlkop40tQp7UvHAzKxYrBwHTW_WXbqKxWTu1VjPexh03iqyGP-KodcolPCZhCwInhNJlEiy2k2xLDIinsh7ExJRhjSyWkU2LWcyonSk2QnO1Xmap5UZ_aXT3FJwni9DYXk7PHhXm70HszjjVn0YtAn6BeanUV0EZ9yIF5v74Ghvlp3k2Jly3vmLo1khF_RgTpCsO3aoG8No7CypxuO6Fu309Vb1ytFz8BHP22jlDrtS20J9SMzq4r6SK2gJDGyjxZUq7OqXOO6Rt9f3wossOBVOsTiVT9AvOIzyLLhEk8U74P8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C8D 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 13:28:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 456A 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 11:16:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 456A 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 456A 0
0 29ms
29ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkMuzcCt5p33Lp_PY3RacqKK-2PKHWpRwDg62eRadWzgp6rfT9fiSO4gHUAgt5V2YIHwbIuPIWbHHWzAUnNds3tB-QVw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 456A 203 KB
64 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:52 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 64E2 2 KB
2 KB 55ms
54ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kpyqspz84xzrrpk8n5kn6g22qbg54pm14166fdwngp936rbykwfe0bdjsbya7568nk00ehw4m9a96wb808m8b9a5mx8zm001nv0n04xtswvj9djy0kzynyst7qj9yxhct8h0p0zdzs4b3kkptb4mwkmcjen493tzs5knq7vtqtpxb3b5tjtts5mb8pgnb4ke7t3jf61wnxb66wvear7wkd3xpzt8srgmrcq4rsm4n0hhbx5a7wj3m2jay0cmevvmz9c4t3rknmh3cw2ab44naqdxd5zzt41bxe1yswbmrfxev8kwhezgnbhnjtp00mt01x4fnkgqpmx3ezctq5a0czv063c92s4dkqd64bec17yfmkmakpw18w0p78pe9d2s3bzg0z71rr9vwce8w11n44tbt7rf0b5t33z88km62bms2xt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d203cdd85598d9b239cea8b7a4de019002720afc086f326f045c1778507fef0e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837ffdbf9b60bbd3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:52 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0C39 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Tue, 19 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C39
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJqRPY2YB7ROCA11-74CfAg&google_cver=1&google_push=AXcoOmT1ZziQt9cReqi3X-t8qDltAnm1ixH7NMPvvlJkPhIPK55HRqLn6b1bL3h_1Vw6zf8hPbMKdWxVIgLatZTV17D863fqOTECjo...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD3554EA92ED4A3CBBF6CD013D5E4A81&google_push=AXcoOmT1ZziQt9cReqi3X-t8qDltAnm1ixH7NMPvvlJkPhIPK55HRqLn6b1bL3h_1Vw6zf8hPbMKdWxVIgLatZT...

170 B
188 B

34ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD3554EA92ED4A3CBBF6CD013D5E4A81&google_push=AXcoOmT1ZziQt9cReqi3X-t8qDltAnm1ixH7NMPvvlJkPhIPK55HRqLn6b1bL3h_1Vw6zf8hPbMKdWxVIgLatZTV17D863fqOTECjoXSrDqiA5woyo6kOr6kbuTRL-aFlKSHVWixz6GILwJVj6ksbD8nqqs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 19 Dec 2023 13:28:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD3554EA92ED4A3CBBF6CD013D5E4A81&google_push=AXcoOmT1ZziQt9cReqi3X-t8qDltAnm1ixH7NMPvvlJkPhIPK55HRqLn6b1bL3h_1Vw6zf8hPbMKdWxVIgLatZTV17D863fqOTECjoXSrDqiA5woyo6kOr6kbuTRL-aFlKSHVWixz6GILwJVj6ksbD8nqqs
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 18 Dec 2023 13:28:52 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C39
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmQLo5_029TBN259v6VDbP1IwtU-y2Knj...

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmQLo5_029TBN259v6VDbP1IwtU-y2Knjmw0zCK5spX3D9WYdoym5AQwh0MpZKZNmVyy44oOmSkwwKrT_3GQttzv1OmbkMreJxlQxHssEaAuY6wn5Wbc0HL1ylyhxfjIstfXXGpvsAmE5cfNO95jeR0L

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQhiXiYweN2Hx2Ad3kdI0%2BOBKwBMzNrT2Xz57zcgT%2BZKVRnAG%2Bts0IQma8GaXA5jeqxJ1LLeT19oBWr%2F124tDkQwc4aYjKRurPI7u3oE77hTgusmSdOKQoo2ZZ4xLoHhl2OW49SccCQgXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmQLo5_029TBN259v6VDbP1IwtU-y2Knjmw0zCK5spX3D9WYdoym5AQwh0MpZKZNmVyy44oOmSkwwKrT_3GQttzv1OmbkMreJxlQxHssEaAuY6wn5Wbc0HL1ylyhxfjIstfXXGpvsAmE5cfNO95jeR0L
cache-control: no-cache
cf-ray: 837ffdbfc9c62671-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C39
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGpQ1oINF75SjAxFKtcIivQ&google_cver=1&google_push=AXcoOmSJ8Os8ij3l_52jyPakU9TThyH1cM_WCqjemsPhW1JYjIWKtmIALYTCTRgsrqWfu7oKnzzfs3kzRkKSdyWD4...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSJ8Os8ij3l_52jyPakU9TThyH1cM_WCqjemsPhW1JYjIWKtmIALYTCTRgsrqWfu7oKnzzfs3kzRkKSdyWD4vkvAZ78U09jpuxaEC4kdz-tGqmwELhsogcSbdaOFGK8Q...

170 B
188 B

36ms
35ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSJ8Os8ij3l_52jyPakU9TThyH1cM_WCqjemsPhW1JYjIWKtmIALYTCTRgsrqWfu7oKnzzfs3kzRkKSdyWD4vkvAZ78U09jpuxaEC4kdz-tGqmwELhsogcSbdaOFGK8QOlSyXi1ljfaMNq1apzWX0_Z&google_hm=H2OopGZHFL2Y1Z6PRDCVZbru

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 19 Dec 2023 13:28:52 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmSJ8Os8ij3l_52jyPakU9TThyH1cM_WCqjemsPhW1JYjIWKtmIALYTCTRgsrqWfu7oKnzzfs3kzRkKSdyWD4vkvAZ78U09jpuxaEC4kdz-tGqmwELhsogcSbdaOFGK8QOlSyXi1ljfaMNq1apzWX0_Z&google_hm=H2OopGZHFL2Y1Z6PRDCVZbru
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame 0C39 43 B
199 B 149ms
48ms Image
image/gif 34.255.77.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESELzitZAJzx41Q7HdYiGAJA8&google_cver=1&google_push=AXcoOmTyzhRHECSROZHXewkS3azXKp-dSgZ9SJl6jYB0TEt99_QXm-B-WTCZsOkyRC7L-UHijeH3VnX7mrO0YK_VvW4unv7bjTh-w_iGEFXA5_V43KNflf0BXa7jPTa_Ep9DgpxOv8V154Lt6QYI50KJ1RUM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.255.77.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-77-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 13:28:52 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

report
sync.teads.tv/um/ Frame 0C39
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEArmzmPVO-pg...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmS9lzZjgUpP-WhnV9jtFDO-eFlc48J3qc23MkAYtmS1kg_6qmufdTopOxcy343qEq_NphHDTv2kBc0ebyr90E8au-FiAiDhSUZeXUjMAxno2zLol...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

53ms
53ms

Image
image/gif

2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345
Protocol: H2
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 19 Dec 2023 13:28:52 GMT
pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C39
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEPw8PMwefAaZY0kFEDfWg-Q&google_cver=1&google_push=AXcoOmSNJM-2ZJaTX...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEPw8PMwefAaZY0kFEDfWg-Q%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA0MzY3Mjc3MTY2MjIzMzEwMQ%3D%3D&google_gid=CAESEPw8PMwefAaZY0kFEDfWg-Q&google_cver=1&google_push=AXcoOmSNJM-2ZJaTXoWmxu-R8boR2HQxiI...

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA0MzY3Mjc3MTY2MjIzMzEwMQ%3D%3D&google_gid=CAESEPw8PMwefAaZY0kFEDfWg-Q&google_cver=1&google_push=AXcoOmSNJM-2ZJaTXoWmxu-R8boR2HQxiIrrZR108S1_QS8Qll_JfzkvLPhai7f4CErxAbqHrZOL15vGfN5z6SmO26NpMq6Ve-MfaoyZxJZVhBHbIefFtThCYzbn8ICMK1TrYS7-xepE0iQcGXMZTprytilp

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
an-x-request-uuid: ba1f76dc-05c8-4304-ae96-b30b9355288b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NzA0MzY3Mjc3MTY2MjIzMzEwMQ%3D%3D&google_gid=CAESEPw8PMwefAaZY0kFEDfWg-Q&google_cver=1&google_push=AXcoOmSNJM-2ZJaTXoWmxu-R8boR2HQxiIrrZR108S1_QS8Qll_JfzkvLPhai7f4CErxAbqHrZOL15vGfN5z6SmO26NpMq6Ve-MfaoyZxJZVhBHbIefFtThCYzbn8ICMK1TrYS7-xepE0iQcGXMZTprytilp
x-proxy-origin: 84.19.175.165; 84.19.175.165; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0C39
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8c00e809-1747-432b-a00d-0f655c169d8c&google_cver=1&google_gid=CAESEMT1coLx2LI5vch2TrA4jPA&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8c00e809-1747-432b-a00d-0f655c169d8c&google_cver=1&google_gid=CAESEMT1coLx2LI5vch2TrA4jPA&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTajCwLVgoevhIq7YyTlOjR-7Oq4IY0sQuTf4ipnd22XjPHDxZop7SY_BpuxgHo3kJ5NnUN_I7vU5GpwO3EFkQUBOleMzA3wVgjEcjg6tT5XQoWibohpIuLQg-dunAVHzaPWrKOuAolh2_4XEYs8kjctQ&gdpr=${GDPR}

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=8c00e809-1747-432b-a00d-0f655c169d8c&google_cver=1&google_gid=CAESEMT1coLx2LI5vch2TrA4jPA&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTajCwLVgoevhIq7YyTlOjR-7Oq4IY0sQuTf4ipnd22XjPHDxZop7SY_BpuxgHo3kJ5NnUN_I7vU5GpwO3EFkQUBOleMzA3wVgjEcjg6tT5XQoWibohpIuLQg-dunAVHzaPWrKOuAolh2_4XEYs8kjctQ&gdpr=${GDPR}
date: Tue, 19 Dec 2023 13:28:52 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0C39 0
12 B 31ms
30ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLQObCquq5v6grLg5Rd28P61DxtQa8bWL26bPspCbRzljJaku0NZZnYhsIFl6DrfceiD09D6cD

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2B1C 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 11:16:32 GMT
expires: Wed, 18 Dec 2024 11:16:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6384 829 B
560 B 33ms
33ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

903e80743f2a6631edd7d0bf3d209a3b8d301d76f82c8c47537bd4bfe8f98b65

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-prMmpVCD9WNUeP5Adzv1Jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-prMmpVCD9WNUeP5Adzv1Jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:52 GMT
expires: Tue, 19 Dec 2023 13:28:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 64E2 115 KB
14 KB 40ms
40ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kpyqspz84xzrrpk8n5kn6g22qbg54pm14166fdwngp936rbykwfe0bdjsbya7568nk00ehw4m9a96wb808m8b9a5mx8zm001nv0n04xtswvj9djy0kzynyst7qj9yxhct8h0p0zdzs4b3kkptb4mwkmcjen493tzs5knq7vtqtpxb3b5tjtts5mb8pgnb4ke7t3jf61wnxb66wvear7wkd3xpzt8srgmrcq4rsm4n0hhbx5a7wj3m2jay0cmevvmz9c4t3rknmh3cw2ab44naqdxd5zzt41bxe1yswbmrfxev8kwhezgnbhnjtp00mt01x4fnkgqpmx3ezctq5a0czv063c92s4dkqd64bec17yfmkmakpw18w0p78pe9d2s3bzg0z71rr9vwce8w11n44tbt7rf0b5t33z88km62bms2xt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kpyqspz84xzrrpk8n5kn6g22qbg54pm14166fdwngp936rbykwfe0bdjsbya7568nk00ehw4m9a96wb808m8b9a5mx8zm001nv0n04xtswvj9djy0kzynyst7qj9yxhct8h0p0zdzs4b3kkptb4mwkmcjen493tzs5knq7vtqtpxb3b5tjtts5mb8pgnb4ke7t3jf61wnxb66wvear7wkd3xpzt8srgmrcq4rsm4n0hhbx5a7wj3m2jay0cmevvmz9c4t3rknmh3cw2ab44naqdxd5zzt41bxe1yswbmrfxev8kwhezgnbhnjtp00mt01x4fnkgqpmx3ezctq5a0czv063c92s4dkqd64bec17yfmkmakpw18w0p78pe9d2s3bzg0z71rr9vwce8w11n44tbt7rf0b5t33z88km62bms2xt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061256
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egSMvZ0lfVA7gKpk2%2Fo%2BjmppFqPqAOSql6wKk9W102hBhVVJCq%2F3W%2BKwXUA27Wcc5G7tJ4zoIXUiDjmJdCWtqY2oYm1j%2F6mIOs1uiIHGVaicD79wBHFf99HbSBIU33RG8%2FmVBEAT2Oc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837ffdbffbd5bbd3-FRA
expires: Wed, 20 Dec 2023 13:28:52 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 64E2 24 KB
10 KB 38ms
37ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kpyqspz84xzrrpk8n5kn6g22qbg54pm14166fdwngp936rbykwfe0bdjsbya7568nk00ehw4m9a96wb808m8b9a5mx8zm001nv0n04xtswvj9djy0kzynyst7qj9yxhct8h0p0zdzs4b3kkptb4mwkmcjen493tzs5knq7vtqtpxb3b5tjtts5mb8pgnb4ke7t3jf61wnxb66wvear7wkd3xpzt8srgmrcq4rsm4n0hhbx5a7wj3m2jay0cmevvmz9c4t3rknmh3cw2ab44naqdxd5zzt41bxe1yswbmrfxev8kwhezgnbhnjtp00mt01x4fnkgqpmx3ezctq5a0czv063c92s4dkqd64bec17yfmkmakpw18w0p78pe9d2s3bzg0z71rr9vwce8w11n44tbt7rf0b5t33z88km62bms2xt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 533643
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xj1hW8PWVTnrpA77UOe5XheZxmDn5oVR6Tosc0stAqZ%2BOhfSc70jamVf1t4sP38VdQQUaLlSSnsH0k0TganlVuwnGGRn0NJc8VK%2FZDjWZIpk0u1x6tl5CUyyKqcMbHheWP%2BXOeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 837ffdbffbd6bbd3-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:14:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6384 0
0 54ms
54ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3070742680505491&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B1C 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 09:20:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 456A 0
19 B 64ms
63ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4bg-lJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTMAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZblmDcOnWQgPbDiX1rXYNeVs5uY-823WEHENXxr1Fx66-oPQacUmbIAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi01ODg0Mjk0NDc5MzkxNjM4GJnSIQ&sigh=3kUjHIaRzcE&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_IIKkG8sqcanGjrL0hHvyt53IYcX8eLZxU0FHB7O_h8UzdLbtGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 13:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 456A 0
39 B 33ms
32ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1ks4p34m9a1ed7gemrdczsphr73s7j89j7v9hd1gvz83cv0swq4e81z1m19463tkmbkw67edpsj31e9j43myq8ny83b0qverdwszteqckdj2st3cvwrqpzfz53nncd20nxh2vzfgbascmsef4w1672qqm1mxhc3qhpkdzkay0ex0660yvas26w2cdgm8nwd9zv795qd97s9m70b3hvwqb00f4wt4yg4mt7jyk74jvaczathzktdk3mpnwh703pwjdff7xj3p10557e1d5wz1fjzk1fyx0efgntxat0rq3r1f0vq2q0y1fe5tfk0jayjwvqw3xgc6ha29jvh9myy7z7hh8gt7xapgs9jgdr5jdty87prqqe940qm7hv7jjcp9m833y0gnvr&b=ZYGalAABJgQKYoqCAAgHXTvcTrxn1-WrClAnaQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=50&slotname=3654094576&adk=4084513633&adf=3173046726&pi=t.ma~as.3654094576&w=320&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531635&bpp=138&bdt=105&idt=340&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=2547597292&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079758%2C95320885&oid=2&pvsid=2417075223100956&tmod=1972741523&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.3n5avnf8mfgx&fsb=1&dtd=345
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 13:28:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame D9C7 2 KB
1 KB 38ms
38ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1807716
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 837ffdc05c42bbd3-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 19 Dec 2023 13:28:52 GMT
expires: Tue, 28 Nov 2023 16:19:58 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmkAkYX%2BjAGIQIoxf8aaRjFT8tyC8WrdZ9cbzqrDUMl%2Bno1N2DfY5tFrcXscs5PKRbOWIlBCu6z3%2BZNa7RHCMnrqSY%2FZlq8ggGPBBzqxmD9ZR5QhvbMj%2FLcIvHuB6od%2FR7QM%2BOE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2B1C 0
11 B 21ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?A2mUbg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 64E2 1 KB
1 KB 67ms
67ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf9b056ab56944f3ca3595b79ce510cdddeb83dcea2844e4b6ad145e39cbb3dd

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0W2NvYX2QybmNsCxUrGyflXjoF2Fg4EzIjOG7FYP%2BLSW3ZOQ4W5KWq%2FgQ1JZRzTQgP7ZhQWXEHHh3kOAXU8C%2B7UgcUIvr9Bokn664bhjTqWng7mLI0THM5GcmyHROh2MCC2pDPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 837ffdc0ef0a5d92-FRA
x-backend-server: aa-reachservice-group-europe-west1-q8vt
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 45ms
45ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 837ffdc0aead5d92-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Dec 2023 13:28:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsdTtkhr%2B3Xibnpfrma7TZiKjxebyedCrsztFmsK%2FmYg5vnWPc3g90tsUH9jzAt5H%2FhCNL8HupfUR25XSvALdmz7wLCUYURzrsETDfvm%2FYs9m8Nr1qGmAtVZK8XIiMhfSgUMOX4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-q8vt

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7A5C 0
0 57ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjDDWPUoeC0bALc6cLL9wSdsvEVFpklU-qthWSeI33t90yjalK_dYc6GR9hOtODAaqTNuiGQlimSs1bGDmp6xBqu7PWMn0uo_vCAe1KdAoUHq87WWLr7dXGmuCHwsWtKYoXxXQzXt_0xM2HnI0E7Wyb7e3sbFBfkBjb7rkv78nQCNSnpsgs7utHz2QOwSv3aUvMhHJ_0FgHHqtmplooQl_RZ_qv5TLdYfdaQ6gG_e5t4u5E8DGM2jEX-O_-GBTNSFLs537eLTOdYPFvrzumndsUzAA2v6wAgouRonHhMtgRQjQrKR_Oe_5cemVpGg0ZiJZiHZgcdWnLfr_o2mivNns0E-2Z_O1oCE7ROK50PZLJQ2UuwnXwy1tgGy79w4XVbR6Uf_ULkajZhIrp3-6cw&sai=AMfl-YRO1cB6rqSKoRj21Tn4vCpOxbUG5uKEqgpBfeHRKx6TXDp612xo4FcIEt8A_zTsRk0Nzpri7mj_mGHsVJY&sig=Cg0ArKJSzBEkOOrtQjqUEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 13:28:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7A5C 16 KB
12 KB 74ms
74ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555358ee1a75b33781d38c4ba26d19461112fdfa72a7f6f4f4917cbfb439a92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12102
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A5C 17 KB
6 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 13:28:52 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 34E9 3 KB
3 KB 48ms
48ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15579&b=prmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=JBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=320&d=50&e=&g=e0be80e24dd0429f194d132811912d85%2F16896158332824084429&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702992532650&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kc0tctxxeafkaab481y9sc364df9wmx7c2rkpyexs4x366nq41a622jb4wgdgf8dfecz4g0nbb3a3tv5txdhn2zbfwqk8azy3dftfp6k7sknvjfz8b6ydfvws12nsepnxx14fm3m9r93j14918nxgtvzr9ksqt6g2ns4ckt1gx0abg79dhjv0kdvz2tk222syzec5cg7sjm1scf73bsgbj2tfsjxa89rg92fahamvfa43bs9pyh7n80ysqdd3n7zbmtyknq26bj7vp3jjb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d8dd6b64f742b0b3879f56ea08f14d521d7e125999290f46a669000d3734f5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kpyqspz84xzrrpk8n5kn6g22qbg54pm14166fdwngp936rbykwfe0bdjsbya7568nk00ehw4m9a96wb808m8b9a5mx8zm001nv0n04xtswvj9djy0kzynyst7qj9yxhct8h0p0zdzs4b3kkptb4mwkmcjen493tzs5knq7vtqtpxb3b5tjtts5mb8pgnb4ke7t3jf61wnxb66wvear7wkd3xpzt8srgmrcq4rsm4n0hhbx5a7wj3m2jay0cmevvmz9c4t3rknmh3cw2ab44naqdxd5zzt41bxe1yswbmrfxev8kwhezgnbhnjtp00mt01x4fnkgqpmx3ezctq5a0czv063c92s4dkqd64bec17yfmkmakpw18w0p78pe9d2s3bzg0z71rr9vwce8w11n44tbt7rf0b5t33z88km62bms2xt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837ffdc15d58bbd3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:52 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E30 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7940
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 11:16:32 GMT
expires: Wed, 18 Dec 2024 11:16:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 874A 829 B
559 B 34ms
33ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf99aa70eb3475a435b2784a0aea0bd033ff483f37a44f4fe2a8a0c1199f4983

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0-Vr4Q98t27QWB6gmmrWpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-0-Vr4Q98t27QWB6gmmrWpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:52 GMT
expires: Tue, 19 Dec 2023 13:28:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5192 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046725&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531939&bpp=126&bdt=89&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1910587181&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320868%2C95320884&oid=2&pvsid=3459210345517852&tmod=1566219697&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zho22i8nz53m&fsb=1&dtd=368

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 11:16:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5192 20 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5192 0
0 29ms
29ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcoXaZwvDBWH5p5y7CS9QhB6ZPZrPEg6I49uBmYkGag4zWElEmC_dV5jWvOWyGfIGPvW1yShocP_qbbaLfppP7iT9ZNw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046725&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531939&bpp=126&bdt=89&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1910587181&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320868%2C95320884&oid=2&pvsid=3459210345517852&tmod=1566219697&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zho22i8nz53m&fsb=1&dtd=368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5192 203 KB
64 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 13:28:52 GMT

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 32EF 2 KB
2 KB 50ms
50ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kf1zptb81cyqtb8ssv0thbk5zw9my5tr63egxjs3jmmpw8w3q3rgepyarvgwe5yxsvqgyqwmdzg2cntexn4z29dk6m57gmpmee5bj44123bb2zkkw31h32gjdx9z66yp384nm5qbtc655892nta5dxjsr3aqngqaks2gv549kmx6k2ykszxw86knvgbcm9kdrsaa5z9twnyzcp0154dbwf6f01y84a3nej01j1rp1dt28nxzkd535f0z773s396vgs3bg9jeytk8y3z0kqkgmff3dgv1f0mnvmjxt8c814rjeh0mqay36t26t1bnm4185bmwahrg0q119pf66acs8zkfn70gymsr7zy84arp00fnk74bbhbxv097y7x6pa0cw15gevt6ytss3mrxy6yy5yfy1msx2qcdx739ek79ja610f2fg3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%26client%3Dca-pub-5884294479391638%26adurl%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5d90c8037ed57df815aced0edd776a42354f3166eb8f65bc660c6ab27e5b13d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837ffdc19da0bbd3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:52 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4F26 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 85162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Tue, 19 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 34E9 115 KB
14 KB 36ms
34ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=prmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=JBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=320&d=50&e=&g=e0be80e24dd0429f194d132811912d85%2F16896158332824084429&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702992532650&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kc0tctxxeafkaab481y9sc364df9wmx7c2rkpyexs4x366nq41a622jb4wgdgf8dfecz4g0nbb3a3tv5txdhn2zbfwqk8azy3dftfp6k7sknvjfz8b6ydfvws12nsepnxx14fm3m9r93j14918nxgtvzr9ksqt6g2ns4ckt1gx0abg79dhjv0kdvz2tk222syzec5cg7sjm1scf73bsgbj2tfsjxa89rg92fahamvfa43bs9pyh7n80ysqdd3n7zbmtyknq26bj7vp3jjb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15579&b=prmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=JBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=320&d=50&e=&g=e0be80e24dd0429f194d132811912d85%2F16896158332824084429&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702992532650&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kc0tctxxeafkaab481y9sc364df9wmx7c2rkpyexs4x366nq41a622jb4wgdgf8dfecz4g0nbb3a3tv5txdhn2zbfwqk8azy3dftfp6k7sknvjfz8b6ydfvws12nsepnxx14fm3m9r93j14918nxgtvzr9ksqt6g2ns4ckt1gx0abg79dhjv0kdvz2tk222syzec5cg7sjm1scf73bsgbj2tfsjxa89rg92fahamvfa43bs9pyh7n80ysqdd3n7zbmtyknq26bj7vp3jjb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061256
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgJzaeDtym%2F0NiDZOV3ivdCdYTGwmPfTZ7e%2Fw7NVAKyJiL2LPWjr0hheWTWoFx1Kg7UpCCHMXQbWMQvva%2BcG%2FB7CHOpVaFa1MhDruvk4xiVPT0DBwxXpY5z%2B6k%2B0M1MiHXcLVtD1XIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837ffdc1adbfbbd3-FRA
expires: Wed, 20 Dec 2023 13:28:52 GMT

GET
H3 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 34E9 9 KB
9 KB 37ms
35ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=prmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=JBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=320&d=50&e=&g=e0be80e24dd0429f194d132811912d85%2F16896158332824084429&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702992532650&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kc0tctxxeafkaab481y9sc364df9wmx7c2rkpyexs4x366nq41a622jb4wgdgf8dfecz4g0nbb3a3tv5txdhn2zbfwqk8azy3dftfp6k7sknvjfz8b6ydfvws12nsepnxx14fm3m9r93j14918nxgtvzr9ksqt6g2ns4ckt1gx0abg79dhjv0kdvz2tk222syzec5cg7sjm1scf73bsgbj2tfsjxa89rg92fahamvfa43bs9pyh7n80ysqdd3n7zbmtyknq26bj7vp3jjb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1590927
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chLHI2Ax6ZTkFZUcGDQBJrnpm2TSkAdrE5sfh4JmzBsNev6%2BI0Wv7lMOdGTkHGmCos6czxSIw2xnHaD%2BqpMc8sAjxqWzfzgosud2GaE6RvvMWd5v57wSG71TPc9xQwCksSF9lhytPnAcIfF7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdc1adc2bbd3-FRA

GET
H3 200 60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
assets.ad4m.at/ Frame 34E9 28 KB
29 KB 54ms
54ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=prmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=JBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=320&d=50&e=&g=e0be80e24dd0429f194d132811912d85%2F16896158332824084429&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702992532650&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kc0tctxxeafkaab481y9sc364df9wmx7c2rkpyexs4x366nq41a622jb4wgdgf8dfecz4g0nbb3a3tv5txdhn2zbfwqk8azy3dftfp6k7sknvjfz8b6ydfvws12nsepnxx14fm3m9r93j14918nxgtvzr9ksqt6g2ns4ckt1gx0abg79dhjv0kdvz2tk222syzec5cg7sjm1scf73bsgbj2tfsjxa89rg92fahamvfa43bs9pyh7n80ysqdd3n7zbmtyknq26bj7vp3jjb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3411285
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28958
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:06:38 GMT
server: cloudflare
etag: "346e75cff96234b45fe664b527c7c88d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESVZJmPv%2FRtk8Q7xX4TMeI2pSh0So8hxckbCWRaQmkOTjWLD5280IRaonkZz65R%2FoG8votWmcvRwdCfy471J%2BN04d7oe8bZ7zHMKSUYaLR%2F8dr2DiM70ybuuzssg34JZUcfVCPlnS5SJg0zu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdc1adc4bbd3-FRA

GET
H2 200 2aed39855b5f46b7d90f959867be60f8
pv.medialead.de/trck/epv/ Frame 34E9 0
326 B 59ms
49ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidprmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579&b=prmh1fgf43PHkH4HmtztrMBf9SRTEXQaA9&f=JBeszf5fx45tBH6H7tqCQBGCxSgTbWguA8&c=320&d=50&e=&g=e0be80e24dd0429f194d132811912d85%2F16896158332824084429&i=26474&j=41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1702992532650&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kc0tctxxeafkaab481y9sc364df9wmx7c2rkpyexs4x366nq41a622jb4wgdgf8dfecz4g0nbb3a3tv5txdhn2zbfwqk8azy3dftfp6k7sknvjfz8b6ydfvws12nsepnxx14fm3m9r93j14918nxgtvzr9ksqt6g2ns4ckt1gx0abg79dhjv0kdvz2tk222syzec5cg7sjm1scf73bsgbj2tfsjxa89rg92fahamvfa43bs9pyh7n80ysqdd3n7zbmtyknq26bj7vp3jjb0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_-JTlJqBZYTMBIKVigPdjqDwDJDhgYRctqjCivACwI23ARABIABglYKAgJgHggEXY2EtcHViLTU4ODQyOTQ0NzkzOTE2MzjIAQmpAgCIDL1wVbI-qAMByAMCqgTPAU_QK8x4WPxNOsZQhaQFpX_Yq_axQIIUrDI7iHuzRodNh8BLPvv5ephT25a13FRAK8HTt3__Y6c8HOpSC0B6gnXC870pS-Pmu-QDmYl_h8v0XJNHY2ygqa1lvd_vAlvO5ViQEpiXc2vj6J4BqsWVqRBA52bgMSAWF0qdQUcDQOzhAOydnksYH63isibApcwAnfOTZhE85isIPHHh5XaVvbBSe3zgZbkkD-I1jvGILPAQniMCfHee3_I0Xmf4CKyNnVNn74qk1psFtVpmpC0a2oAG6M3OyvrOxsHXAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOliIpbPHzZuDA_oLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_13Iqwx-xAu05b2ZmEEIzv3423Miw%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720104426","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E30 39 KB
15 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 09:20:07 GMT

GET
DATA 200
OK truncated
/ Frame 5192 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 360a5574de6b21c65b045cdfe0700cd23c25cbdbea6320d6f462e078871aabfa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 4F26 0
103 B 40ms
39ms Image
text/plain 2a02:fa8:8806:21::1720
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECOb5_W1ODdp689XXtTmUME&google_cver=1&google_push=AXcoOmSi-mf_kuDfTzyvTAJVLPKjt2l4caI8EwoZr3QkHljxYRsuV4qdv1HRuhfJ_gG3UsWrEmh8bct-tWGpVnwvg7blrcXn9-ze
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046725&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531939&bpp=126&bdt=89&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1910587181&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320868%2C95320884&oid=2&pvsid=3459210345517852&tmod=1566219697&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zho22i8nz53m&fsb=1&dtd=368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 4F26 43 B
145 B 28ms
27ms Image
image/gif 18.197.41.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEG7nXsMCm1Ilrp-SIaMuO7k&google_cver=1&google_push=AXcoOmT2ePFCRDWRPqCbPQ65hkU8W6IwSJR6LSGjJJzjJ6ugIV31LlroxnJmsOl5aaZTTShFEj6MaskiTj7qiwUNjd3mmemj2NU_
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046725&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531939&bpp=126&bdt=89&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1910587181&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320868%2C95320884&oid=2&pvsid=3459210345517852&tmod=1566219697&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zho22i8nz53m&fsb=1&dtd=368
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.41.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-41-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 dds
rtb.openx.net/sync/ Frame 4F26 43 B
94 B 34ms
33ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMHvu2jOuJ8M-5_SeKs-etg&google_cver=1&google_push=AXcoOmROpylXy06wrs5wF5B-3U0hdNx6g-x2ww4WZw_0cMjlG4JryurP3pJf2z86sduVKGi7x31K04on_-E0inxlX2pSw_-Rzg3nXg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046725&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531939&bpp=126&bdt=89&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1910587181&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320868%2C95320884&oid=2&pvsid=3459210345517852&tmod=1566219697&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zho22i8nz53m&fsb=1&dtd=368
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F26
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmRr1r_le49pHWX6yW9rF4Hx-nlbJFaS9...

170 B
188 B

35ms
32ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmRr1r_le49pHWX6yW9rF4Hx-nlbJFaS9WvSyNqZRAwVai657_r7nkPVEZtEKLp87Fv4pe1wso2XkR7-N-97AFEs6FjRv99PLQ

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBeb8cBgy%2Bw03Us1vFdOgVBeNt4yjO5ZnFbBgYiJTpYcrdY1lODm9qt%2BiLl%2FlGosy1MHgCWB2RngGdvmPutiP1zs9MQfszpjo4j3eZ7jhnTYeJTdniAR4Q54EeJ7pleCYNMkY9d3eQpMzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENmpximuHD9t1JS9nj6K0ec&google_hm=ZYGak24RnfZ4sik8VVsHsQAACFAAAAIB&google_nid=index&google_push=AXcoOmRr1r_le49pHWX6yW9rF4Hx-nlbJFaS9WvSyNqZRAwVai657_r7nkPVEZtEKLp87Fv4pe1wso2XkR7-N-97AFEs6FjRv99PLQ
cache-control: no-cache
cf-ray: 837ffdc1dd462671-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4F26
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELcVwzf4LeLPBRzj-lkHnUY&google_cver=1&google_push=AXcoOmSRv0Wpu9AJoLvtV_6STTVM9NbqBiIxvVif8KBVjRGtWtosKSkdsGY4RoNMY0aanFXq9326_2na5cPkvU7nxc_IJRCdUqE9
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSRv0Wpu9AJoLvtV_6STTVM9NbqBiIxvVif8KBVjRGtWtosKSkdsGY4RoNMY0aanFXq9326_2na5cPkvU7nxc_IJRCdUqE...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQwNTU2MDQ5MzgzOTgxMDk3MTgyMQ%3D%3D&google_push=AXcoOmSRv0Wpu9AJoLvtV_6STTVM9NbqBiIxvVif8KBVjRGtWtosKSkd...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQwNTU2MDQ5MzgzOTgxMDk3MTgyMQ%3D%3D&google_push=AXcoOmSRv0Wpu9AJoLvtV_6STTVM9NbqBiIxvVif8KBVjRGtWtosKSkdsGY4RoNMY0aanFXq9326_2na5cPkvU7nxc_IJRCdUqE9

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQwNTU2MDQ5MzgzOTgxMDk3MTgyMQ%3D%3D&google_push=AXcoOmSRv0Wpu9AJoLvtV_6STTVM9NbqBiIxvVif8KBVjRGtWtosKSkdsGY4RoNMY0aanFXq9326_2na5cPkvU7nxc_IJRCdUqE9
date: Tue, 19 Dec 2023 13:28:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 4F26 0
44 B 32ms
32ms Image
text/plain 81.17.55.170
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOZspfgDP1wnd9m1X3PKOic&google_cver=1&google_push=AXcoOmRYOf6YAF7KpGa_4hsOr6riTTat81oYjQ75SMlUoxVB7lOgfH2gCeDAynmu1Nm-7VI5DVlWggltRAK73qUfMyz0Oj1tlKwm1A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046725&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531939&bpp=126&bdt=89&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1910587181&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320868%2C95320884&oid=2&pvsid=3459210345517852&tmod=1566219697&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zho22i8nz53m&fsb=1&dtd=368
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.170 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame 4F26
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEArmzmPVO-pg...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmR-Tv4HyB7bUoJEqa_oe6z3ZWIxPUXuyHoJZOw28adJYNjqSM6PE8pxqcD-o_DH19oBhgpK_8x4cK5RIxpO14qK9QEh0zXNbDc
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

52ms
52ms

Image
image/gif

2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046725&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531939&bpp=126&bdt=89&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1910587181&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320868%2C95320884&oid=2&pvsid=3459210345517852&tmod=1566219697&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zho22i8nz53m&fsb=1&dtd=368
Protocol: H2
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 19 Dec 2023 13:28:52 GMT
pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4F26 0
12 B 40ms
40ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSQKqXuMEkmWH7TxfrgPNrCdAUyIAqv10CsBaqpo51YgT0WsJTlsmi7SOkpAS8KEBrSozvaQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 874A 0
0 65ms
64ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2417075223100956&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 32EF 115 KB
14 KB 48ms
41ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kf1zptb81cyqtb8ssv0thbk5zw9my5tr63egxjs3jmmpw8w3q3rgepyarvgwe5yxsvqgyqwmdzg2cntexn4z29dk6m57gmpmee5bj44123bb2zkkw31h32gjdx9z66yp384nm5qbtc655892nta5dxjsr3aqngqaks2gv549kmx6k2ykszxw86knvgbcm9kdrsaa5z9twnyzcp0154dbwf6f01y84a3nej01j1rp1dt28nxzkd535f0z773s396vgs3bg9jeytk8y3z0kqkgmff3dgv1f0mnvmjxt8c814rjeh0mqay36t26t1bnm4185bmwahrg0q119pf66acs8zkfn70gymsr7zy84arp00fnk74bbhbxv097y7x6pa0cw15gevt6ytss3mrxy6yy5yfy1msx2qcdx739ek79ja610f2fg3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kf1zptb81cyqtb8ssv0thbk5zw9my5tr63egxjs3jmmpw8w3q3rgepyarvgwe5yxsvqgyqwmdzg2cntexn4z29dk6m57gmpmee5bj44123bb2zkkw31h32gjdx9z66yp384nm5qbtc655892nta5dxjsr3aqngqaks2gv549kmx6k2ykszxw86knvgbcm9kdrsaa5z9twnyzcp0154dbwf6f01y84a3nej01j1rp1dt28nxzkd535f0z773s396vgs3bg9jeytk8y3z0kqkgmff3dgv1f0mnvmjxt8c814rjeh0mqay36t26t1bnm4185bmwahrg0q119pf66acs8zkfn70gymsr7zy84arp00fnk74bbhbxv097y7x6pa0cw15gevt6ytss3mrxy6yy5yfy1msx2qcdx739ek79ja610f2fg3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%26client%3Dca-pub-5884294479391638%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061256
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugT%2BstAZZi8Y3GDVhMIJnWLZUQ7gUUeEdbJbOneFLmyQWUPTvYUAH4t0TTZDDFHbScj51ORlpzMLZqSCSEUmhn5djrI1jpdtH9GCG6A2Jh8SlWo2OLJS39nDjVhsYqGRS6Bp1Sd2vIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837ffdc20e34bbd3-FRA
expires: Wed, 20 Dec 2023 13:28:52 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 32EF 24 KB
10 KB 49ms
43ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kf1zptb81cyqtb8ssv0thbk5zw9my5tr63egxjs3jmmpw8w3q3rgepyarvgwe5yxsvqgyqwmdzg2cntexn4z29dk6m57gmpmee5bj44123bb2zkkw31h32gjdx9z66yp384nm5qbtc655892nta5dxjsr3aqngqaks2gv549kmx6k2ykszxw86knvgbcm9kdrsaa5z9twnyzcp0154dbwf6f01y84a3nej01j1rp1dt28nxzkd535f0z773s396vgs3bg9jeytk8y3z0kqkgmff3dgv1f0mnvmjxt8c814rjeh0mqay36t26t1bnm4185bmwahrg0q119pf66acs8zkfn70gymsr7zy84arp00fnk74bbhbxv097y7x6pa0cw15gevt6ytss3mrxy6yy5yfy1msx2qcdx739ek79ja610f2fg3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%26client%3Dca-pub-5884294479391638%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 533643
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjnQz%2Bs1WKUD1uHiPfMl4JM1FTL%2F9N5yy1ZFnC80Ni4fuuDJ%2BllKi0oUglxrmcXdZg0rC1fSGQicZlzS3IefgovYO5DzrHUIsFEXovKy43iEuGpW4iL1yxjb4OeAYPvBADUE3RE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 837ffdc20e36bbd3-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:14:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2E30 0
11 B 21ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AohB-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 32EF 350 B
913 B 93ms
39ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1665153
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKh6r35bJkprRAQMm%2FpdklLbvugUKStUQzfvhJX4EY6ULorSoVAnmzMUBYCr%2BGRv8OUEJfkosdEWppyeQ%2FkQNNlvjDvD3JZU48X%2BYT%2FUVyw23tO7pLUNNhzKFYe07bjkUEgQyZeedQ9jFZTe3cAIg0KC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdc2ca3a1e5a-FRA
expires: Fri, 29 Nov 2024 06:56:19 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 80EC 2 KB
1 KB 40ms
40ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1807716
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 837ffdc27f17bbd3-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 19 Dec 2023 13:28:52 GMT
expires: Tue, 28 Nov 2023 16:19:58 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOpsaJ4IGlBVZtXrwKXkzgcyjOemzU%2FK7ltYsXbvSW5Ufja22PodMhb69rdGa6mH3j7YhKM6VOBRIBUsLZwcjaQCymSOornrc7YZ1VOJzEyy27T0blGy43q3bTXRoo2AmwHB4EY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 32EF 1 KB
2 KB 46ms
45ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8787bd9442b4025409549e4aaa0cf33224a7757bcd429097e3401dad31bc1ce8

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 13:28:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tb1Pdzh4%2F7JofS8laTGXQ0V23vdJwuLypMpsrpa%2F02WKWCNW9bGUSHp6r3RPNRjvnt0WHNjTIeolf7tq8FcAFe5VzouYmYwV4AwX0kzNdr7ghcLUytK562sy0KEPYnFF%2BobFcBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 837ffdc309235d92-FRA
x-backend-server: aa-reachservice-group-europe-west1-q8vt
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 43ms
43ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 837ffdc2b8df5d92-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Dec 2023 13:28:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTv85%2FXdHZtOhubdOwj%2BXdrw4MjcB5w%2BAKVM6JXg%2B7wNKfyn1GS1hoMIP1NK6FB3ds%2BWJGkrWfWPDyWjS1yUQQkWLNPTssHRz%2FJLl%2B%2FdlYG2P4HDN7kJ2tutQ7p%2B8czWccShOtg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-q8vt

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5192 0
19 B 64ms
64ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5y3mlJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzAFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZ0Xm0pAB9GsoksfrpYBtJubzGzGKfk24pE7iFqg23O3iSWaJoejiABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwOACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTg4NDI5NDQ3OTM5MTYzOBiZ0iE&sigh=mHW8hekPhEg&uach_m=%5BUACH%5D&cid=CAQSKQAvHhf_fRrbJWsk7y4kepYkIXtOsh901NOe_9diT02l0FpOST1vAYV9GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046725&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531939&bpp=126&bdt=89&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1910587181&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320868%2C95320884&oid=2&pvsid=3459210345517852&tmod=1566219697&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zho22i8nz53m&fsb=1&dtd=368
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 19 Dec 2023 13:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 5192 0
11 B 32ms
32ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hntqqcznq8wq0cyehmry4h5pagq20zscxs3pxamntqk8z1t3n2vcrnk1mg1bamm2d9nhz73qtygtsrkt4ps4x041d1axm0ngjqsk3ex4ahne7gxbgzr6hv43x1ggev075dn8reesg3qgshc2vj59me3rsm239swey7ychdz4r343srx17cgnmwzmg36244vy986hdtp0t0pr6wzbjwvhgypq064e8d63vex4sfxs80mb7daqas4hprw0rsgt07gw4yxqqa901skwrsh9cppbhx9q7ystr26ydb9qhqghpg3mchpw0q2rww730rn9gq9372wwyrzxz5g0hr255z3wadx48w9r16r3e42anmr377vb4y73vtcgj5zvbmhwhgk0v0nwhrf80&b=ZYGalAAGGtoEf7VIAApZCJCNxSlEZ2mnXUlv8Q&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5884294479391638&output=html&h=90&slotname=3654094576&adk=1418711512&adf=3173046725&pi=t.ma~as.3654094576&w=728&url=https%3A%2F%2Fwww.xgcartoon.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702992531939&bpp=126&bdt=89&idt=363&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&is_amp=1&correlator=8106&frm=24&ife=3&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1910587181&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C95320377%2C95320868%2C95320884&oid=2&pvsid=3459210345517852&tmod=1566219697&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.zho22i8nz53m&fsb=1&dtd=368
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Dec 2023 13:28:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC67 42 B
64 B 59ms
58ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCYis5m6JPib6X3F9O7pKFCEJcybaacTqtKS1DkiPyaAx_zf7ty-kuGsG43o82XR0LOZVUnsewT5gBBkXdI53zyv40giEvFHVNo-dwzbx7-siMX5SrAi3ft0SfmeW5JDG_-eh-QLghv1wppE3-zKeD6rHq&sai=AMfl-YSMiRtxLTAg4UN0O3BnCAWhQ9ZMzlCWAqjL-h_yvphOCsJrZSf9Ixj-XAEwmieASo2bxA7DLpThB3lt&sig=Cg0ArKJSzPikbORe6eRtEAE&cid=CAQSGwAvHhf_JgAZ-7TB9qmHJTsLqIvcPVgxzH0IMRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=807729522&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702992531868&rpt=125&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 13:28:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 276A 9 KB
4 KB 49ms
49ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb3e01689408cdba8c0cfb38891b6e6a47799a783137bc93abd543f3ee4d9ae6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kf1zptb81cyqtb8ssv0thbk5zw9my5tr63egxjs3jmmpw8w3q3rgepyarvgwe5yxsvqgyqwmdzg2cntexn4z29dk6m57gmpmee5bj44123bb2zkkw31h32gjdx9z66yp384nm5qbtc655892nta5dxjsr3aqngqaks2gv549kmx6k2ykszxw86knvgbcm9kdrsaa5z9twnyzcp0154dbwf6f01y84a3nej01j1rp1dt28nxzkd535f0z773s396vgs3bg9jeytk8y3z0kqkgmff3dgv1f0mnvmjxt8c814rjeh0mqay36t26t1bnm4185bmwahrg0q119pf66acs8zkfn70gymsr7zy84arp00fnk74bbhbxv097y7x6pa0cw15gevt6ytss3mrxy6yy5yfy1msx2qcdx739ek79ja610f2fg3g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%26client%3Dca-pub-5884294479391638%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 837ffdc35860bbd3-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:53 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 276A 115 KB
14 KB 56ms
55ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1061257
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7C24AXK62Qd9BfnLWvsHVQ1So6brfqgHKdPT07eluTlVy4LzT3ytiukV1dmJgp99GSPrclGy%2BEt%2FFPOtmh9gzBHxA22chNK%2F7v%2Fg9O9LGtW0kZ8zaxe9H9ZrLR2fvDzqfmgpGKSglyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 837ffdc3a8a6bbd3-FRA
expires: Wed, 20 Dec 2023 13:28:53 GMT

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 276A 8 KB
8 KB 57ms
56ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 417623
cf-polished: qual=85, origFmt=jpeg, origSize=12951
alt-svc: h3=":443"; ma=86400
content-length: 7758
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:22:01 GMT
server: cloudflare
etag: "12e3523b35b31c7ddfe7c77dcdb14a34"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJIriq1dWV8m02gVjm6IKi6FZRDSsWN1sr30nwOAQNBS7842nYKQ2CAjdNbs6CYMHFHtP%2BdI8nh5cndWMUyG2OBG5Y5xrzqSJHApKNfFkEXFu3Emml4haXwdF9TwKfGQeUHMUFiHdFDNWyT3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdc3a8a7bbd3-FRA

GET
H3 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 276A 20 KB
21 KB 35ms
35ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 419663
cf-polished: qual=85, origFmt=jpeg, origSize=23329
alt-svc: h3=":443"; ma=86400
content-length: 20802
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:54:32 GMT
server: cloudflare
etag: "e320c43993ae8577c544483e96756c59"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhI%2Bparf7X%2FOnp1bB8HZmjX2udaqBk3r2f8Ji2Ku35lwPviGsjqnKuJtKJ6VZ8tQYQSoUlIocn4jV06AleIQqNFN%2BhZN02CCgFCxJU%2BartBWeYfH3Umovzk1GT21T%2BVuSOvZ32yi9YYR0Iav"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdc3a8a9bbd3-FRA

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 276A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKTX-MfNm4MDFc-T_QcddFUF7w;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023121914285391436430793X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

151ms
37ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023121914285391436430793X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023121914285391436430793X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 13:28:53 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023121914285391436430793X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023121914285391436430793X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Tue, 19 Dec 2023 13:28:53 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 276A 4 KB
5 KB 34ms
33ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 416479
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yth%2BQOVvKpKExhU9AiTmI34lRx2ERx5TOD%2FCNww0kLc5KuxjR%2BEJEtFYOxiqyfgZ%2BQvhchbQVkwCihsAqCuoM05LekS4HdOSpklPzGZ21MGfd6YWpMxypL8obbilJ6EQb2thDtAXXnaO2YN%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdc3a8aabbd3-FRA

GET
H3 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 276A 15 KB
16 KB 33ms
32ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3324894
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=los%2FDlFBNdAwL2OLge%2BwgO%2BmKieO%2FY2fEz3Q3JNA2KDT6pSE6JYIOTr3k45kLmnQDpDTWIx03N%2BWUJMdSDSyBBzFArPu9AuUnpYWamyDryg4jEDV3Oqlxx7ay8x3FiSx8c9MBy1EnpGEfFc7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdc3a8abbbd3-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 276A 43 B
704 B 52ms
52ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 13:28:53 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 276A 2 KB
2 KB 56ms
56ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 419633
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3fhORQBe3L1REfV%2BhUFMlbO%2F1Bvbjvo7vDu08hRrppzUnnp5yqKeYvCsHsqn58SCmWNZTFEVc3snsv6AkLANVdimA6FF98Hq3oA%2Ft%2BXTe2y097BIZPJCkCvGaewFjsLXtnXVLpidb4%2F6HsQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdc3a8acbbd3-FRA

GET
H3 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 276A 23 KB
23 KB 35ms
34ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=728&d=90&e=&g=f4bd16a0434b96ec92337ace3b391e14%2F4425640653481459052&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1702992532967&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gvetjg4f1j3npvr37srqvz8g64jdgfh2e5jhnwafray6e4kx5w6rfgxp1t9j5kn8fzh8m7yxxtx9ym5x55xmm3e551gjnk4cksaa7vje375bfcbp7zdga1pstpzzhmfyy5hd8rxt1xdfd8c29aa72wzkdq8ry07q76m0bpcr642rrxc41x34q4cfwstj7ge7k3hdcgje1g84cben39e8vs5n8d4cfd0cx8e71fw794v8y6anc4as6et31ctyvan0v74d7eztfykdmwa7nmg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnuUclJqBZdq1GMjq_tMPiLKp0AmQ4YGEXLaoworwAsCNtwEQASAAYJWCgICYB4IBF2NhLXB1Yi01ODg0Mjk0NDc5MzkxNjM4yAEJqQIAiAy9cFWyPqgDAcgDAqoEzwFP0BlPT7YSxhp0Y6uK5S2nGOiYyNhcJa4TulzoSxtAO6NNyCRnpvhSKW0nXIW9o6XLg-mnXhRc5kGR-NfbKBccutIjnes0FX9Vri9bumYSkIrbc49LGkz4qVSrDuOmxlrYtf3Q0VoFvA0uu1rJ2qImq5eOjmS-R0h8x8A9SUCT6kc-jaVkVeE6-7zNjsYfmu2RW6OpZzLZRunj3yL2GEdxrqcDzbgZk3uVNteEnYrsNrJ_ulLbS4XSxs-VvXb0k3rMOPUjJVSKjH73OvCo6UeABoKGjrL8sNmW-gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_5HHx82bgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2PPpR_RtiItbt1fUtZwcYHHWCg5g%2526client%253Dca-pub-5884294479391638%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3218999
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNXOcGrtgU%2BTE9dd6BGdk%2FrjKl2%2Fw71ECavqMLJS%2Fz7pPYKntsdkzDfe5giyPkv%2BeHqTMIUVLxvT%2BDkiEi%2Fg5C0fmCmQhMQQykvesIFGFML%2BoJKrZOXUSNB31ftk4C409NBDPT1%2F2joHl2Kb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 837ffdc3a8adbbd3-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 276A 43 B
704 B 57ms
57ms Image
image/gif 104.102.45.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-45-165.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 13:28:53 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8C8D 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3070742680505491&bg=!fH-lfzDNAAY3kmNgF5I7ADQBe5WfOClg137LUmRp9Cwm0CyGl3ChchOqXGIkWLyEV9ak3hixDNldWjrchyYJLWSIY0CYAgAAADVSAAAAAmgBB5kDQ3ZML0De6AxVcRCPr6nU_wHQBZ0KNyyubuKbPZgXPqghvD_2HjKkdvtDPRitZa1v8TVFvH4sKcqcDCihX5ZNqa-z_Ndv9I6hc6VIlRhdekzc4HEDZXAC_TtsKYKqlzWPJXsFh0cJho63bnbSAMyH5_OtHHxAfY6kwK5A3w0_URUW_NPnnp0GW0vix_Fk4zMH61Ip2tZnwMBHcYHr8TdnNhfoxAKczCal_uoitRuYiC0Fzxb6iw1XMDgfLKnxEQ3AXO_I-tszNChSEgFHs_hkm1MZ9dqbFY1MASqpYA4ztP2O2qa8gdE4v8F_h9gxFRgeN2_dxUO_BOnesWOEZKe-UHXqR5r0z9DlKDzpwQdTSHMC6WsaTFGlUXDJFpNwHw1Ar1By2JB-QHHA1LbjhcvpMv7YKQeSiF8Cdn0sc5gOMhm8Ef9XjNT8XvxRDwt3GSEVFV90qIkD6drvhE5CJqsEOJVOEgt4W79lViQppv7HQEjsjrKsp8mvqvy6HWoZOqNnWaqElA_0YHqVh9V5KfLgvdVh8Os_B8BFqwpauC9lZR2-RKXIbK3keAjiIlrvt9pG-X2ct1KmDA1vJ7ko5Xzr9vZgpVINR9NV4Q05805WDsIgR_rK6iOcOSl6XgADVWct69LTRT6Spg8hoIJbkPVoo2_fUXV04Pc4pNwEIGpWEZYYbh-jceOfbfBxw0zKa-nR7w4Kk1imamym4lN4AgeMxuNeEfCHcrwtpFM6HcWceZa89Jw5jJI9H9PjQ4AVej55pnxFO6sm8LkjdNu2CK0Pxt6jy5uCk-5i9wvjy9Qxn6SYki0QJmcisn8QxzwOQLqghfQBoEFxjVYXCfnXLYiXVjudfUynXIL2XyQVuSSMKjlgIgY03RDaHkZbEy5GGTn0gS52U1u5RQmiSVtyTpzR6y4RjVxN_dHN-dIcq5lclilDjPiL3v99yqlGwANcsc7dyQ1qtIkQwdS_Z1dg4-VDPe1zqicowy2x0clROo2DKAJZyrSufAKsVnVLN1GsEahOogTHR3-4UZ7V36WrRSmMGrU7Uh1wIqsLmZT_c0qLQHK4TK2HuojnDVVxMrurnjGZvqBP5U6UwNx9pkV-FnbNnNIbuzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7A5C 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2417075223100956&bg=!2tml2ZbNAAY3kmNgF5I7ADQBe5WfOGmnhq9wOtXBBhT5wU2oEoVl7TP7L32JxR9bWiHE9m7QfN-aBu6sYKMiu6VyiDMTAgAAAE9SAAAAAmgBBwoAEvyDsxR1KVIITRhzts7DDrkCzZkDMZx0xFBYWJi2-EgEHr6ZFgeu0DirppPqSvM4PbpxwOmiUTkrcuWVG26eldIrZ-MvYiZ9DReNNmon-2TYm9YFHUIZEI28MCSHqjsJtCMCBnOxbUmXdzWcjgJ6PVKqO_uGNbnSegfvxeanlT_AFtNUsd823FowIgvXX73A0K4x5Bfx85BUYKQgjlizEZxGPF_9JUSTRK--agYly4ZAqSw99gdO26c6SYFI2ZHg8pzZaSKi6nzBTzq1CjCSdSrqght-6VYA_ryWiBDUk2X5tNrC5bVVgtJUl6uitF-vgClWKDp7-if8hA1MTm85xiENDGekK-9uitCVWbQ7-b2XyElZ-SE_iAaTrh3fV07moVXqOXH7nr4g4DaFZWzc2EWx4Pu9TTkbyJSP_OVKU-gZtJyojvMIe9udfjHeU7xaPM5wCFSxEDT7kqlScNN-OG5I_CAA0lFFoJe1R3bwafyi0xbUrka7YByUgrjhieGgTBGaIP2CJ02LhReMNkv07lv6x4paDHh0a3QwwhLcB2Ma6d1FA_di-oG4HHEOrzpibFlPezrGzWR1XnIK5cAUD8a0ayP5AtXYRHNgs48FUEdjkm18QkduEio9Ye_qoY335iF5Yd7tOJEze-hh8DCTljfrKuwAbeLxuesHssPBmI0Rqg66k1OuiWqbJ4lGjWjxS_lKvJjY-z2dvIG_eayLKWZJZDU_pHVoWil8TurdGqAHuHCeX3U9zs2LJJYwU-auLpfEXAstuzuqa5CP5cNd9tfklWAXTEgWnHJ2E1fYQee_QZ-GJdlH3INIVAmk4QMXfLXJVYiO9sohGjoPqwfMdCFIMuiZNf9_dmshKSf7Vr08Eg3SPDVfot7SZbw3elhD0R0hWU2sxUD04SqEQpFY0IaM7f75xil8l9gFFJ3B_B0bTNUsCCCLkiB7K-3lTtdeIFKuegn-Zl-E1k8tsOvnBulx6Et1m7UTGiWet2ciLyuO_lPMQN5ojfHAxUNVbZLzixDD2pzWSaDFfi-xho8xSqYO4iL-r0fW7Ue0VJ2q5Li3S-vfgD7vPHZBkTsmQNLBptxm9IIPh30O8qIRuh065wqWX_uC8do
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 518D 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvik-ywuw8pHsKxYFi39GnswhoqEh3921PF2GwHNvm20MvCxkRO9M9Kx_dYNXNT5QBod3Fs1qqPFSsKFxlnuNZwIGW1uZWAn4WDt4CJFFYAcgB8viyDXpMgA8iajFEpnhUhMFSvTRLUb6FF7tC3mtge9PpdCTCi7eJFfQXQBbmDrrObo-mcIkkWzFHKBuPXldJixz3CiqVeAAnUllI5MmQOHKyOip4a6Rz9juT9-uOY58531Mm6qh6-_g2d2DEzxtYl2ZVtjH7gj38gM2kVP6VxJ9cutoCS3cozf4Vdcu11AQ5vgYXspeJ_vNJyxMEn2Ytuw2Cm4RyAsFsUxEKHmtLLMQhXe225nbEC5va1KY23BPIAIpjDXg9v4Q&sai=AMfl-YSqe0aEkhCU-ftocXLr6qc-u5-NcYZQcUOfWR6BnUzqnh1EBRwfn1fFqk_xv4zJtF3DwHfZz-8e_ml_usE&sig=Cg0ArKJSzBt-d67jFGKLEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Dec 2023 13:28:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 518D 16 KB
12 KB 76ms
76ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19888d6e7f13b481a6a95bc5d00969aeb468613457829c0ee8f94f6cb7ad6597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12368
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 518D 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 13:28:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 864A 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 11:16:32 GMT
expires: Wed, 18 Dec 2024 11:16:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BA96 829 B
559 B 35ms
35ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9e45e14864102b4e5e2f0abfb41f5955935ace3eb38e0a4e4efc5eb56c626fd3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cP7UlBYNz2mprw0NLDpi5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cP7UlBYNz2mprw0NLDpi5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:28:53 GMT
expires: Tue, 19 Dec 2023 13:28:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 busibuyunbusibuxingriyu-huzhongqingwen.jpg
static-a.xgcartoon.com/coverw/ 647 KB
648 KB 59ms
59ms Image
image/png 2606:4700:20::681a:3f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-a.xgcartoon.com/coverw/busibuyunbusibuxingriyu-huzhongqingwen.jpg?w=780&h=376&q=100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c29d9d7d70e09ecfe8c51e3c07be9bdd998fb54bb06dcea093925795aa88bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xgcartoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
cf-cache-status: HIT
last-modified: Sun, 08 Oct 2023 09:10:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65716
etag: "29FDCD97573C8AECC3F9FDC25BEB2256"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4XyV9U6%2FykvxSGCilyp43Kfqw7nNlN94oaE2aeYPdlazVFXsd%2F%2FNidAubIJSJTatQxtFUSlJK24zb6QJZpt4qDgn%2FjZExN5FaOkPOkcYpPsmCUT2%2BSSG0vO%2F%2FPol2nVKaBluxU1AfWHHrQbs0G0V4RYi3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
cf-ray: 837ffdc76b383723-FRA
content-length: 662475
expires: Thu, 21 Dec 2023 00:05:43 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 864A 39 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 09:20:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BA96 0
0 54ms
54ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3459210345517852&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 864A 0
11 B 21ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iS-SDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:28:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 518D 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3459210345517852&bg=!wMOlw4zNAAY3kmNgF5I7ADQBe5WfOPDIk5ZymRqWB6BDZtvt9n1cbzLvzqbY_zeHI8ndWA6AKlYDmkpYQO9JY8c34r_5AgAAADpSAAAAAmgBB5kDPwYy9jqQnK0r-iQHXedmOFaXv0JFr5p2Q0xLMjUUG-PI4a7pIxFsI4Ssxtvv9W8xBPQ9-77XYKABzSXyUYQ-N3AJAa_YkiRzOTucxzM0gsvh1TawjbwPa0J7XbWM08mhfjcdyb7aLXl3cbTUKuQUeuzkjJkXyfFxRZtjKlZSr4jfUkM3NL1P-bTsYE2CZECSuFUd6puL9jHEFen89QFuXEWdvDUydoiTJbSHZgWcJTxM3rgm1PLwafliOicK9Qq-PqHIvxVDLYINA48UO_VZm5Nkn0cjOAgxm1gnd0d5QPWlff3rcyyblMy7M3_ouSOYIZ2To_iRiF8sSeg_j2l2lQxuAN-AF6nmPKUEk3mPw1rI6k89wGdi_3HjL6APF5DHDOfK2gGvuhKKZhpChDXhwdFijPc4oL4thFau4R2vEZY3vucR_G0hZxumhFh1hRiDYNXaaBlXxjkgrkkWYfkijk8ZEjm2VWci1vI9XqZ6ehh-1X8gcL8qFFTgRnvOyYHEHWRSt2Wmbw8HltykZLAwFdSCvmIONHiTn_0EeQtnVxrveaEdDYxLXPYb8qh4EdHsHht4ij7ECKZVUIptfiSGEI4IJqNMaGta1sQWdyEVzf362ZZJdebBAIR74sU77zBusBfgZ9o2uZUM_LWvXWS-bd5wc4JsdIbgL7UAX3cARPWzR2bNCRKN3L691eaIvZX-9REMd6epLZTXHjLLh8cNkX5DvojzvUCI4-KJEQSbBGiNrZchaHLyqFpoFzcAsVRDdQxigugdQBR4xrVU86lHURjtC2mwUmJgCz2NzUXxO1h6HeEN76c3eGifFpD1O5vHXr--0zAXsY7SqZQbmTTVwziy8PuMfQV248px4huu5j3ewt0dRfC6GzlUm1dIKmlw1Q3YrqwY6KvmMUzmyI_jDZhxA8PlInsYvwswPYHfXil-_2rbe_kW3aGLAzwdei1hmF4a3fYfQboXawc3m3GFxKm1rnmhF46_ffhhnp4QnfolO083QqKZZH1NVnZQVwEvWQmMnbftWBFMcOvVrbvUQEI1kN7zosVDB6oOiHS_vxKtb4ilb-a6s8BcNRRiqtUIlTpJjYAq18s-pQxo58Sv1A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:46:24	Name: userId Value: YaNcyAiODUg_IAmSxf_-FAKF920KxQF9
.statcounter.com/	1970-01-21 02:39:12	Name: is_unique Value: sc12916097.1702992528.0
.statcounter.com/	1970-01-21 02:39:12	Name: is_visitor_unique Value: 1702992528290893982
.xgcartoon.com/	1970-01-21 01:48:48	Name: _ga Value: amp-l6rm70s8209U5GbTzsbPTg
.doubleclick.net/	1970-01-21 02:24:48	Name: IDE Value: AHWqTUnAORx_Cp4ndWUzHfQ_OhjuC_BG_Q-d24NtBwtLUdZg3WBut4QGguOZHr_yazg
.doubleclick.net/	1970-01-20 17:03:13	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 19:12:48	Name: ar_debug Value: 1
.quantserve.com/	1970-01-20 19:12:48	Name: d Value: EGsBCQHZKoEA
.quantserve.com/	1970-01-21 02:33:26	Name: mc Value: 65819a93-2586f-6f0a5-1f514
pixel.rubiconproject.com/	1970-01-20 19:12:48	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 01:48:48	Name: CMID Value: ZYGak24RnfZ4sik8VVsHsQAA
.casalemedia.com/	1970-01-20 19:12:48	Name: CMPS Value: 2128
.casalemedia.com/	1970-01-20 19:12:48	Name: CMPRO Value: 2128
.lijit.com/	1970-01-21 01:48:48	Name: ljt_reader Value: H2OopGZHFL2Y1Z6PRDCVZbru
.yahoo.com/	1970-01-21 01:49:10	Name: A3 Value: d=AQABBJOagWUCEDP13hOEC-oXhEbGOTwqCbcFEgEBAQHsgmWLZQAAAAAA_eMAAA&S=AQAAAnGiVVZ2GoUJKIvRFby11c0
.csync.loopme.me/	1970-01-20 19:14:14	Name: viewer_token Value: 8c00e809-1747-432b-a00d-0f655c169d8c
.adform.net/	1970-01-20 17:47:50	Name: C Value: 1
.1rx.io/	1970-01-21 01:48:48	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-55c12365-48ab-4514-8b37-6dbc05cf5842-003%22%7D
.adform.net/	1970-01-20 18:29:36	Name: uid Value: 4867205461565039760
.targeting.unrulymedia.com/	1970-01-21 01:48:48	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-55c12365-48ab-4514-8b37-6dbc05cf5842-003%22%7D
.adnxs.com/	1970-01-20 19:12:48	Name: uuid2 Value: 7043672771662233101
.simpli.fi/	1970-01-21 01:50:14	Name: suid Value: BD3554EA92ED4A3CBBF6CD013D5E4A81
.3lift.com/	1970-01-20 19:12:48	Name: tluid Value: 1405560493839810971821
.awin1.com/	1970-01-20 17:06:05	Name: awpv14702 Value: 412871\|1702992533\|8d66f7e0-9e72-11ee-8661-22610dd0df18
.awin1.com/	1970-01-20 17:06:05	Name: awpv20044 Value: 412871\|1702992533\|8d679420-9e72-11ee-a9f2-22382f104756
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 415363:2904924
.doubleclick.net/	1970-01-20 21:22:24	Name: APC Value: AfxxVi7_sB3kEEoCbIcARdQoyM5ga25KY6ltNiiJq7W953Ntc4DiWQ
.o2online.de/	1970-01-20 17:13:17	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTcwMjk5MjUzM3ZsZWExZGUyMDIzMTIxOTE0Mjg1MzkxNDM2NDMwNzkzWDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/	1970-01-20 17:13:17	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 17:13:17	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023121914285391436430793X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTcwMjk5MjUzM3ZsZWExZGUyMDIzMTIxOTE0Mjg1MzkxNDM2NDMwNzkzWDEyMDIxMVYxMjI2MTMyNzAyT

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
javascript	warning	URL: https://www.xgcartoon.com/ Message: The resource https://d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ap.lijit.com
as.ad4m.at
assets.ad4m.at
c.statcounter.com
c1.adform.net
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
csync.loopme.me
d8bf1ebe7aa6cd40d240e36496db6653.safeframe.googlesyndication.com
dclk-match.dotomi.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.360yield.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-a.xgcartoon.com
static-de.ad4mat.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.awin1.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www.xgcartoon.com
x.bidswitch.net
104.102.45.165
104.20.94.138
13.248.245.213
142.250.181.230
142.250.185.66
142.250.186.66
167.233.13.224
169.150.222.217
172.64.151.101
18.197.41.124
185.89.210.122
2.19.245.101
2001:4860:4802:32::36
216.52.2.91
2600:1901:0:76b9::
2600:9000:211e:3600:1b:5138:8a40:93a1
2606:4700:20::681a:3f3
2606:4700:20::ac43:444e
2606:4700:20::ac43:4a81
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:800::200e
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a02:fa8:8806:21::1720
2a05:d018:d29:3601:18eb:9096:ecfc:cea8
3.33.220.150
34.255.77.250
35.204.158.49
35.214.241.154
35.227.252.103
37.157.5.132
46.228.174.117
51.75.86.98
69.173.144.139
81.17.55.170
84.200.5.215
91.121.248.44
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
010f461391b368b9db73665c02faecb01e104c05ab65e2c36cc01ef856da0429
0154da7354c2bc2bce4b0e9bcaa8b9f755668dc8df2d4a10c2e1bdfe875f1aa3
0201b79c190132252c7b83b308c3eedf1ae9703c843f79e1dc0e16bd999647c8
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09ff515b348a4ce7cdd1d76d114395a8702e8f438157fadf05239ad980bb416a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cc4300a9fffaf77f0abe572bc905ccd085437d5f6511057f2078caecace10ed
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0dc8d4c8057500621917b3d88c33f534d917b03234c4716c04ca483e3dfdd69c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f04ba1b77511a11124ca2b976fc47318dec9399e257157ac6fcec78d15225fe
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
10e358711eab7bbdacde3e4d3eb925d04438f07358f0dad5d22a8818fc9771c7
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
13e6a7a86b66aec6cc0cf1441a042fa7beaedbab5dc996b0341301518a1f55af
14c55deaf7ebe64eb047f2deeff0f12615193ff170e0693bebd2b51991751bf0
1550cde0e7d219960e9cb08513b187557f36f8492494b8aa84722533baa675c4
1917b964380fc9d01d1e73a79c4d7cd4c0e9ae2a34ae63ddbcd65cea655e9a06
19888d6e7f13b481a6a95bc5d00969aeb468613457829c0ee8f94f6cb7ad6597
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ce64723f400800084733cca3c44b432a1e33fe5df837915a477dab99dea9152
1e2aa31ea0b4c14103915ba7d906536f68d021c22d3038b36c145bc2e6a2cc1d
1e6be9fc4ce7407c9c61a5b6ef8f57827eb630a17ca2c3915a16195bcf511add
1fa1f27152e0d87361b0db046cae89137d3f1be8c804a2b77885e2c2ca1c8425
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
24d55fd10e1f583d982282c0aa2808f8ec3c926196acae4d30825087631aabfa
2661dcb6bfa9b71c39c54788bde5ea88003db9f7384c04e66d6f7926fdba8894
26e4b525d5e224065fb46cee16b16e7056c7820d2136e1d8203c9dbb28b6bb1e
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2a8cec5afdf87e0d08cb3cfbca43bf398f6efcc02dad18b2fdd7003bbcd01669
2d701f54286b5f0fb34fabb487e3bebcd361e2e2807ceeaf2d3738f0efb8bd90
2dfc3120b346b740f323485e3711448804353c1c5c213ec822a6ff76e0c7b8ad
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f41cdc29fad9db0b0ff1c365d9cee36da396346538b001d566a66f261be39df
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326db4ba0a99427d55bb9b9c42decc77d1d07a925a3c0bede1ad8e1f511c82f3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34abd1b18255edb3600bc9af8c9ddee862998331a1e1eff341ccd221d74c5c5f
3523fe0bfc26b6aea6ba24d933045d533972c56d98371a9ad2f952afa3af4465
360a5574de6b21c65b045cdfe0700cd23c25cbdbea6320d6f462e078871aabfa
388033aa75c99cb1710580cdc2d21cce0125ddbfbf182abeb442368a7fbd5b7a
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3c54442f21c2cbd18f8e6e2508129e77dab00b67022621679202cfe3b9baa4e9
3c8ff803e96d4d73b55b0454c35abe2a4344296878079358b87714a7db9e55bd
3f76bba7ff73fea1eeb20feb2309d526f21735db6048f54be6c503266ae9e7ef
3fefd09345b668fc2c8be2e1dac0e5fdad0e037db84b07962c0ef5ddb6c804b8
41060dd159c926287487f50a2d8e583c8c72e6121d1f5ffdc626dc6cf6bf4efa
417823dde6bd23c1c42930a1a36e850148e826c50bed34988c797c33b89b3d88
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
44d3841af6833efbffb0cffba7ad72c14c7e398d2ad9a600bff96f888dde894d
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45aff63862b7a85a48741e816ce3b9fdc7e2ea725e1f5989ceb47f502381a4d2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4caa391874afacd6b0d5d2a894882403a726b3a1a3aadb9eb7cf7e320bd5d3fa
4d7e3dba795cc58a5bedbef6783f9e5151f51447f01b9e85e54bd16fb762cc15
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
505587c1162ef2d4af495312c860628d42fdd2b3f5536834468b6c7ed186f070
521f6fc33d7ede7524e5263c613a5db8df62c4a73a16a8147fdb385a88ec5350
538b02504c41e14ccce9818aeaaf9ee6e917db20ba4548fd10bb1c28dd3f25c6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54eda68a8d6e9cf6039971639882c4b78f652fd47545a11a66bffc39df959e40
555358ee1a75b33781d38c4ba26d19461112fdfa72a7f6f4f4917cbfb439a92d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
57bd5fc8348c295a6a6aa58634a6850f1539ce4468bf2b7ee3c9cc1db0cacbef
5af2b3c44d498d4ca737d2fbc0acdc882fc81ec81afc4c1b7d8548f9b52f64a2
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5e09c998e379bc6ac5ddad2d706661a56e0b51300324636a5bd092cb3981e46b
5ed841005c6fd7c9bd183a289bb9e7bc9c7a85e90d370bfb9eb42f440b7ede73
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
601aaa461c3b2b6a2d547ec3e1aa50b3daeffae324f0212c5c0cfb4bb4adda12
60e5a59bd06924e897f3f8170823db5fa4919204438357172aa470e442232aeb
610bdc4a664ee94aa9cc90f26d530b23ce49a6ec6827aeeb6d6101b2da641e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628c59f981225e7474edcf942e8ee8cccb89278b83750e4c8006aa75d7f9dc52
64a281ee45c0817256e309187dff138182cf054a8f78696be585c0496491354f
657f06943a34735f0a25f30c9ea05c15e24c0985bbdb771e615182b03e03fa9d
658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d1059934fa071ca8d63cb01c99ecfe94266ce25f9e4896c91dae81fd10afde5
702b9456ddc2e5e24be3f79379ba52e66bc7e8db235469a7c53f2c3b327ae57d
72e0e53345dad9730c52f80ac573b1103553bf860bdb97e682d214825211d766
753107f53fa7b6669aea9980a59cbbe59f0d21ded66bd2dabe9ddbc24ddcb2b6
780f26a815b945503629646bb8be45faa9545284bdb98e00c98f3ce1e67a10bd
7a509cdf4895ab4f5b828241f2d2f4725570e1e641df0c1878a230c19250d567
7a5e8e47f8c822a6b6949d92a6ae8666a793ba1f1a208f19b9cc696d560852cc
7a9476ddc842ed2592539716ef20aa025c571793b66f9c23ac206d11aa52e76f
7a9b1eb15c0ab4bd7c37458f34ecce3d1fafc4c7837bc8d406af18cf1a6ce2f8
7abe4ef543f967bd6fbc94fc40b81fd8a19428d105ba4d20d6f31783e81f74b7
7afc83eb08fc8099f9cb39d16020db192e883ed05c7a17bd8f498bb245d6a655
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7ea7fca64b1f5e4f08b3a996a528b5cb1d3305956dec7502ee9c4f59f1c8762e
80482b65d7f8fd2e9450e2de517ce6dbbb1ceff20eed1d71688306fac53de8d2
8102bbc40c56e9c1d59491b9b7c02a1547c0f98558c57cc275447173ad2d836a
83af0c09a4f51158ec41f22995415aad509db6ef38d91c7feda2503acf5c49f6
847677e364f632a14b284e72e3b92d136e77486f4efccb0e81aa6d62432994cf
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
874d0e0e601ca825c511edf171d530a06c8deb3899a707649e2888170b2c19b1
8787bd9442b4025409549e4aaa0cf33224a7757bcd429097e3401dad31bc1ce8
878a2cd75957206fa5958be9c549e0b8f9adf16b6ae5aa305b1405649f2d84a5
89f365a523630bea5ea3533ec5c06b7db2297d14ccf662fe90aeba69d9ac3158
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec3a4c85938a71f6fc02dc2073ab916112d8b5f3e4dee081c43d4ffca2fe35f
903e80743f2a6631edd7d0bf3d209a3b8d301d76f82c8c47537bd4bfe8f98b65
9166139867849f520e589e2539331b7a59c0e2bd96b52c277d15461643b2ce9a
93737113c851f8b04daa3b1b47c0e1aa9788ba2cbe7cd2c2dd3d6e8757c39104
94aea748a7ee24920e714e2e7f90b23d48298e7a79ae1c666308e020ab157a3f
94b0aa179f9950baa8375f953ee4a03b1606d0945ff3159dafa2c8bdcbb2d59f
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
989f8a7168be5e4fed8f3f3510943cd0d9be975efb198199462728197c655d25
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c29d9d7d70e09ecfe8c51e3c07be9bdd998fb54bb06dcea093925795aa88bcd
9c87438af538355fb31763dfc58e09aee52c9096b0f3ce6b3909a35b2a589141
9cf8320abe90f0b566bbb7997c1d5269403a16be82145d4935efd96c369878f7
9e45e14864102b4e5e2f0abfb41f5955935ace3eb38e0a4e4efc5eb56c626fd3
9ef4d8e305ba6d28a0b9efb307e16112274ace9cbc43c0a760913eb9a0881c30
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a14fd36928728c88d7c81e40044847c8be0cde9c08c02f0b1b39c14b60d6ae65
a343a1840f00a5db5891891069d57a2af26f4c1b80be9098252cadcca0b4e6bb
a415b8130a9cd81b507e813b53561f24dec0e3669a38e1e4490a81b7027f693d
a48564d04daf471e99a45c9da8bf6ce686ad25ff3398a3685343734e958231b2
a6d8dd6b64f742b0b3879f56ea08f14d521d7e125999290f46a669000d3734f5
a9044c1f5517e5d398e6fae473f109c1087a5ed6f35a193affc79931a2dc85d6
a97d3325c01891167615327fef9cd173ac264f69bf526c15af006ad27f99eaf5
ac8272370661a40dc8ae8a029a8375a1c23666109a4b715aa358891ede14493a
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad8677457876f632db38d31886a4f65dfeb50037c421ed20a9918fe60293585c
afae2eac90554df2efe3fce7d0734924c3d2a81ee2dd8f8b64c56441f4611f52
b23d7439f60c81cc5409857887f4a7cc80a331aea9994a6378d4f498ceda6ffc
b3be69c4d77cd568b0c2d360918d62e86b33abfe1b08a2bb2c6993235a67d264
b41b08a177a2b27244894854a59687a06593f89f5d691f5ee2151d6a0927a919
b497840fdc78d638af40eccc2c9fd9006670503964b7b8d7d84c5f8062ef25d4
b60fdc02fa9ab4b53af7333760bb384dbc620ead72c41c04aacb9cae6e1485a0
b7a1f2d2b3af5842dc4b63539230c2fdfef285afd76c1304d327daa0b51cd575
b960232209a48625cdde26c939de1bcfcbe82d31a7ee6960addfb3ecb34897f6
bb22b6f1eaa16879c8550599bc09f556bba897ecd3826a49db742558c1e0751a
be1cd6cb66959a3d68138dd4bdbd4204a1727baaac5f234ff53d1c01a8fc133c
beb41f5f31d4b2911ad91b5b7b05131f006837a6c2bba64dc0659266107431f3
bf9b056ab56944f3ca3595b79ce510cdddeb83dcea2844e4b6ad145e39cbb3dd
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c251151f6df0f04292170afa5523a6ee15f38209ad18b920c1ece28581e4dbab
c3654fdc8bbe4f55644ae047081eda8ce9e5532dedfb86df23519fb6e7b5419e
c47d3627bd81682d8314d37d4e5f1f025ac1cb3be92bfff56bdc214791576555
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c59cff9a64bddf2deaea3effeb952babb3a012d05e7b1d3ecde5212f7c17b9a7
c5d90c8037ed57df815aced0edd776a42354f3166eb8f65bc660c6ab27e5b13d
c68d446f318242cb483c1404fb248a100ef152a579492b23752b4427954a096a
c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7
cbb41d948989c5c65e69966c145618e2db14c247ba6b92a6bb7bc62eb29ad634
cf0f0a43ed82770f16a1fb17aded6b8bf2370393fad9176e14f4a2e49b2338bb
cf99aa70eb3475a435b2784a0aea0bd033ff483f37a44f4fe2a8a0c1199f4983
d10cfef260ae720a44f10e8ae68267aafe5037ea7ecdaf8b0acc2ba5aa2971b9
d203cdd85598d9b239cea8b7a4de019002720afc086f326f045c1778507fef0e
d272a62db237475ced121d23058f0a3856f59d43ca636903c5206fe12417fb71
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d42553a5c5c21454807af7cec2bc459c0dcb08728f1175db01d196b2bdfc8bf0
d50653c6b567749e8af96b01371c0830a1ab0731ac3e13230bc12913e00c4f52
dbe3013729bca638627e9135239ffc5fc470a365a744031ca2d3ddf6c8fdb129
dca1a0dc1f2b52f18cf46789de016d2937b1829b3f2db9a19aa78f31a9694e5a
e0435079f9a4a1280a9ccfbb593d29768c3f96b4cd7b0c6ee2134f820b5f65cf
e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c
e23fcb09cb87d27821c6b9acc0dcd98ba11d0586c31798356bfd15fdd88e1f57
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40d97b983b5756bf934b6b97d8d3fbb7cd719406bf82fee6e8a2c1acced376d
e51caf5c4f4e84fbdb340685b602bea060d4d87fab53f01f6a6f7ccb80cc489e
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f7a2b24b5d82e66cac5922b1722e8eaba43fe6e89aeeec08119ed9bb28adb1
f33a2f5f25c391fc75150a3034ebd6ac072945f97ecb572df2ba5ace685c023f
f4620eb8558321711185c5cf37ba11012a3d67617ab55060ce2ab0c7ebb1a5dc
f59a24724025aaa808fdcb5db803d2127feba310c2acf9acb0e5365b9a2b8809
f6e1cc877a10a8eb6972d29ff997fcba4280ce42b896f3909cd932ba02fd5bfb
f8d1dcfecd75072e5d920d31a9965c616a7a09d98ecd25071e3d62b2aff4329b
f9482ef22ac0ff1fe12c7df21d2142a15aa40b0b58b746887ed7357324f26d9c
fa3ecba51fcbe3806a57d12638c9e2760902fef8faa7bfc5b4e0214ed36848b7
fb3e01689408cdba8c0cfb38891b6e6a47799a783137bc93abd543f3ee4d9ae6
fe364619ca5af89c1517dc71bb790c4b2fc8ad68e40828b73d35c01a057f2820
fe773bf6d489549e8867fecbcf67da262edd5d5530424ff2f151e82feb528d2c
ff146c82166afe0cf2e272fad7c1949b5cb6fbecffd3a5837d85a176f1759951

www.xgcartoon.com Open in urlscan Pro 169.150.222.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

393 Requests

93 %HTTPS

47 %IPv6

39 Domains

52 Subdomains

36 IPs

10 Countries

7727 kBTransfer

15506 kBSize

30 Cookies

1 Outgoing links

Page URL History

Redirected requests

393 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.xgcartoon.com Open in urlscan Pro
169.150.222.217 Public Scan

Screenshot
Live screenshot

Full Image

393
Requests

93 %
HTTPS

47 %
IPv6

39
Domains

52
Subdomains

36
IPs

10
Countries

7727 kB
Transfer

15506 kB
Size

30
Cookies

393 HTTP transactions
6 data transactions