www.xanje.com Open in urlscan Pro
54.164.219.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.xanje.com/
Effective URL:
https://www.xanje.com/
Submission: On December 04 via api (December 4th 2023, 4:35:49 am UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 18 domains to perform 83 HTTP transactions. The main IP is 54.164.219.188, located in United States and belongs to AMAZON-AES, US. The main domain is www.xanje.com.
TLS certificate: Issued by R3 on October 23rd 2023. Valid for: 3 months.

This is the only time www.xanje.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	54.164.219.188 54.164.219.188	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
10	2600:9000:225... 2600:9000:2250:8600:0:cbc4:f200:21	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 7	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
83	16

33 54.164.219.188 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-219-188.compute-1.amazonaws.com

www.xanje.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.xanje.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2250:8600:0:cbc4:f200:21 (United States)

ASN16509 (AMAZON-02, US)

d3v3o5zb6nsk3s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	xanje.com 1 redirects www.xanje.com media.xanje.com	2 MB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	335 KB
13	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	47 KB
10	cloudfront.net d3v3o5zb6nsk3s.cloudfront.net	281 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	653 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	90 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	388 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	587 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	611 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6765	455 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	80 KB
83	18

	Domain	Requested by
23	media.xanje.com	www.xanje.com
10	d3v3o5zb6nsk3s.cloudfront.net	www.xanje.com
10	www.xanje.com	1 redirects www.xanje.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	www.xanje.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com pagead2.googlesyndication.com googleads.g.doubleclick.net
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	www.google.com	1 redirects www.xanje.com googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googleadservices.com
2	d5p.de17a.com	2 redirects
2	c1.adform.net	2 redirects
2	connect.facebook.net	www.xanje.com connect.facebook.net
1	onetag-sys.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	www.google.de	www.xanje.com
1	www.facebook.com	www.xanje.com
1	www.googletagmanager.com	www.xanje.com
83	22

This site contains no links.

Subject Issuer	Validity	Valid
xanje.com R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-12` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.xanje.com/
Frame ID: 283886ABA6F7D60D4995AE135932A307
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 748C30FB97144E44C5A38AFECF8C4073
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0072996079416371&output=html&adk=1812271804&adf=3025194257&lmt=1701664543&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.xanje.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701664543626&bpp=4&bdt=636&idt=91&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3400382713895&frm=20&pv=2&ga_vid=1194342982.1701664544&ga_sid=1701664544&ga_hid=44668136&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31078297%2C44807406%2C44807763%2C44808148%2C44808284%2C44809071%2C21065725&oid=2&pvsid=645690844379622&tmod=653871787&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=106
Frame ID: F27CE308860512CA6BE36623D02A676D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0072996079416371&output=html&h=280&slotname=1749340919&adk=1534352776&adf=2804077573&pi=t.ma~as.1749340919&w=728&fwrn=4&fwrnh=100&lmt=1701664543&rafmt=3&format=728x280&url=https%3A%2F%2Fwww.xanje.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701664543630&bpp=3&bdt=640&idt=105&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3400382713895&frm=20&pv=1&ga_vid=1194342982.1701664544&ga_sid=1701664544&ga_hid=44668136&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31078297%2C44807406%2C44807763%2C44808148%2C44808284%2C44809071%2C21065725&oid=2&pvsid=645690844379622&tmod=653871787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=109
Frame ID: 0CA3DF0D14BC4F39EA0981282C85DB1A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E7C1FD24554CA548888FE63443A579A5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 625BA70F348957CD3B2905431D59F843
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: C9866DC457451D9643EF12BEDF6145BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 714E87B0681729A29258799C14C62356
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 597788B8861553B3BA4621EC5A76FC37
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Xanje

Page URL History Show full URLs

http://www.xanje.com/ HTTP 301
https://www.xanje.com/ Page URL

Detected technologies

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

livewire(?:\.min)?\.js

Stimulus (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-controller

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

83
Requests

92 %
HTTPS

55 %
IPv6

18
Domains

22
Subdomains

16
IPs

5
Countries

2575 kB
Transfer

4363 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.xanje.com/ HTTP 301
https://www.xanje.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 63

https://a.tribalfusion.com/i.match?p=b6&u=CAESEN_w-BJ6qUlkCbRXLrXCru0&google_cver=1&google_push=AXcoOmQoABQcwWcbBMzUzKkui1fAO8W6GAtFEF0q8H6IjOJ-fps0OWBM1RByx3jCZH4jmFKsFceZjd1hovxKfHfsLdDLiMk23eu9OKU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQoABQcwWcbBMzUzKkui1fAO8W6GAtFEF0q8H6IjOJ-fps0OWBM1RByx3jCZH4jmFKsFceZjd1hovxKfHfsLdDLiMk23eu9OKU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN_w-BJ6qUlkCbRXLrXCru0&google_cver=1&google_push=AXcoOmQoABQcwWcbBMzUzKkui1fAO8W6GAtFEF0q8H6IjOJ-fps0OWBM1RByx3jCZH4jmFKsFceZjd1hovxKfHfsLdDLiMk23eu9OKU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQoABQcwWcbBMzUzKkui1fAO8W6GAtFEF0q8H6IjOJ-fps0OWBM1RByx3jCZH4jmFKsFceZjd1hovxKfHfsLdDLiMk23eu9OKU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 64

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA1S6wv3dPFgMt0oDYWYL7U&google_cver=1&google_push=AXcoOmRiIlo4hNCPffkgUHA1hRzpnIJsfCxNr9yQX7Nz-0UJyRo7q37HiujkSzzRrf4DbP1Ut1PHCvsx5sqL79qdTA5PMJaLsbd7J00 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRiIlo4hNCPffkgUHA1hRzpnIJsfCxNr9yQX7Nz-0UJyRo7q37HiujkSzzRrf4DbP1Ut1PHCvsx5sqL79qdTA5PMJaLsbd7J00&google_hm=8bzuOZx1QuCbMzjETOrmM4k

Request Chain 65

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGUPWXypyBOUDeKL3yymjBc&google_cver=1&google_push=AXcoOmQPuyWXduvTXG5MmaPikba93FEgVGNwgbt7zX0R0E_3xQQmWoaHzo-ugD_-86cU4yArSueGNFTn22BVk2kuSkMiDLLa9cZIoGk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODU5MzU2NTI0NzUzNTI2Mw%3D%3D&google_push=AXcoOmQPuyWXduvTXG5MmaPikba93FEgVGNwgbt7zX0R0E_3xQQmWoaHzo-ugD_-86cU4yArSueGNFTn22BVk2kuSkMiDLLa9cZIoGk

Request Chain 66

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKMRNSDP3c9Q2zUaGpraofA&google_cver=1&google_push=AXcoOmRFLZ79iTbGrVPgLBjc7VX8b4p1SbXEjrApDoHh9g1UcSFnhE6rr-KSukOYK9B24EbJH7_FJLtT7CaSKogcykxTVjPZVbEZh-Q HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKMRNSDP3c9Q2zUaGpraofA&google_cver=1&google_push=AXcoOmRFLZ79iTbGrVPgLBjc7VX8b4p1SbXEjrApDoHh9g1UcSFnhE6rr-KSukOYK9B24EbJH7_FJLtT7CaSKogcykxTVjPZVbEZh-Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg5NjQyODUxMzAzMjI2NTMwNw&google_push=AXcoOmRFLZ79iTbGrVPgLBjc7VX8b4p1SbXEjrApDoHh9g1UcSFnhE6rr-KSukOYK9B24EbJH7_FJLtT7CaSKogcykxTVjPZVbEZh-Q

Request Chain 67

https://d5p.de17a.com/cookies/google?google_gid=CAESEJwU197qmCVDhrBqTX3n_Sk&google_cver=1&google_push=AXcoOmT4hPpzsO-wByFo-qlQwBSVVNfrwyy4b7n2AVyapLQhwJ8NtiKwMko_YAXCC9XhLc_ooNWfdcvHcvN76DEsurT99B6lL7asXyA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJwU197qmCVDhrBqTX3n_Sk&google_cver=1&google_push=AXcoOmT4hPpzsO-wByFo-qlQwBSVVNfrwyy4b7n2AVyapLQhwJ8NtiKwMko_YAXCC9XhLc_ooNWfdcvHcvN76DEsurT99B6lL7asXyA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT4hPpzsO-wByFo-qlQwBSVVNfrwyy4b7n2AVyapLQhwJ8NtiKwMko_YAXCC9XhLc_ooNWfdcvHcvN76DEsurT99B6lL7asXyA

Request Chain 69

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEU0fYPVoMvApzdBlkPk_JI&google_cver=1&google_push=AXcoOmTViwqNnolXET5qqVQXn0MedvKP2FWWUOQodv0sky24EjhR_ZWyznQRoTBMaqcOzcGMcQdyIaAu9shyrT4OtQFgMsZUSmReHJo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTViwqNnolXET5qqVQXn0MedvKP2FWWUOQodv0sky24EjhR_ZWyznQRoTBMaqcOzcGMcQdyIaAu9shyrT4OtQFgMsZUSmReHJo

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=CFgcNH1dtZcG7LuOpx_APo-G08ALe-4K_dLXZr6H8Ed7nkKORQBABIL70ug5glfKLgpgHoAHHhYm1AcgBAqkChxZyOYpCsj6oAwHIA8kEqgTIAU_Q5n3kqlEtFsGkkvYnj9yhXk1CuE7rw4GIoc6pAxGLBZ5ho1xgmQCBn7YfvkUu5zYFIIus5OhLmOudfnL3XoJOLaH-wQjwJf28GQRpFa2Kdic2IGUd4alygQjokrTxvpiiczVaUaIUV6d1mN4QFm04AWvskPqURlFnpbHmOKr6k8Cq_4-TzfqACazC6DoMy-sa7R46f4s8eGq2u7U-x6fsQVzZrEDIOLeWXQy0fs_ao7MN6MHWP5nffarOZSE4dAMRLy-2iIJ5wASdh9_IvQSIBYWhpttMkgUECAQYAZIFBAgFGASgBgKAB6H69soCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqKkG0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljHqaG1-vSCA5oJJmh0dHBzOi8vdGhlbWVra2l0cy5jb20vdG9jYS1saWZlLXdvcmxkgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2BMN0BUBmBYBgBcBshccChoIABIUcHViLTAwNzI5OTYwNzk0MTYzNzEYAA&sigh=gjEaOJhr4y4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNbi5_oVQN2ngYAV8VgEANLc_l_8DVxgiO0oT5JfqEr5BYP8wbgaikpNo0rF_9C2jNIKYEJqcRNBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22612413325719949490%22,%22debug_reporting%22:true,%22destination%22:%22https://themekkits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22379732679%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212293726376989251873%22}&andc=true

83 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.xanje.com/
Redirect Chain

http://www.xanje.com/
https://www.xanje.com/

39 KB
9 KB

377ms
174ms

Document
text/html

54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d9bc7cf8567414b465464735a712195e7f2a02d20b106a405fbecbebc5be947b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 04:35:42 GMT
server: nginx
vary: Accept-Encoding Origin
x-ratelimit-limit: 100
x-ratelimit-remaining: 99

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 04 Dec 2023 04:35:42 GMT
Location: https://www.xanje.com/
Server: nginx

GET
H2 200 main.css
www.xanje.com/dist/css/ 129 KB
27 KB 106ms
105ms Stylesheet
text/css 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xanje.com/dist/css/main.css?id=3c607176fe8098a91644be27066dd8c8
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7b89475ef5f86f77fe0f58d8c51d30385811d0a57923df0c23a99a36bc1631ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 01:39:28 GMT
server: nginx
etag: W/"656a8ad0-205bc"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 theme-autumn.css
www.xanje.com/dist/css/themes/ 2 KB
883 B 209ms
208ms Stylesheet
text/css 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xanje.com/dist/css/themes/theme-autumn.css?id=08fe329d9612936eceb07a9ecfc40d4a
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: edbdc5071d020a1dbe00ec621e71abd01ef285ba88c64ea32c7d8ccedccd5d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 01:39:28 GMT
server: nginx
etag: W/"656a8ad0-8ae"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 corejs.min.js Show response
media.xanje.com/lib/js/ 153 KB
47 KB 407ms
301ms Script
application/javascript 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.xanje.com/lib/js/corejs.min.js
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 61c524d7ba6087fbc33c00ef4ba532d4e2f7f3c716a469f7cfb367be28d20895

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: gzip
last-modified: Sat, 07 May 2022 23:32:23 GMT
server: nginx
etag: W/"62770187-262ce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 timeago.min.js Show response
media.xanje.com/lib/js/ 2 KB
1 KB 148ms
145ms Script
application/javascript 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.xanje.com/lib/js/timeago.min.js
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b13bab0e2d9eb4b37d0a99d4228082f72e62ca76f6aabfeea3a409ab3a0eee60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: gzip
last-modified: Sun, 01 May 2022 23:32:30 GMT
server: nginx
etag: W/"626f188e-77b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000, public
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 global.js Show response
www.xanje.com/dist/js/ 434 KB
131 KB 210ms
209ms Script
application/javascript 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xanje.com/dist/js/global.js?id=98cc588c58ad5860bcce97a6b6d7c276
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7d234ba8b353cfb341e2a74b060df22e1621b735b28763db9e0289a4bc130139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 01:39:28 GMT
server: nginx
etag: W/"656a8ad0-6c853"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 faux-strays.js Show response
www.xanje.com/dist/js/ 73 KB
28 KB 308ms
307ms Script
application/javascript 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xanje.com/dist/js/faux-strays.js?id=38f6b3b3578657a931ae2818c0c32fba
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2aac422bb90d27a8d93e2905267ba7372d4959e438f7501ea62176aceb9277fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 01:39:28 GMT
server: nginx
etag: W/"656a8ad0-1237d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
80 KB 66ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1058054429

Requested by

Host: www.xanje.com
URL: https://www.xanje.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed97fe2f319b6fe8d85cb73c87350fd20d25c3c971ce8270e113a0b43660ebc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81963
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Dec 2023 04:35:43 GMT

GET
H2 200 homepage.css
www.xanje.com/dist/css/ 995 B
539 B 209ms
208ms Stylesheet
text/css 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xanje.com/dist/css/homepage.css?id=df2c4a22b5edad859f25bdcdbee45213
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5429d5e1999d8beb1ef40d8010d4314004f960b053c1499a3b11e09a2afd3cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 01:39:28 GMT
server: nginx
etag: W/"656a8ad0-3e3"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 communitymeter.css
www.xanje.com/dist/css/ 584 B
464 B 209ms
209ms Stylesheet
text/css 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xanje.com/dist/css/communitymeter.css?id=ee35c3b2727f2a58615d16d0d0f9db63
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 60821ef3b270a92c0403e02600b3b4c64d18ce15aa71672d6559705076bf0117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: gzip
last-modified: Sat, 02 Dec 2023 01:39:28 GMT
server: nginx
etag: W/"656a8ad0-248"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 banner-november2.png
media.xanje.com/homepage/ 991 KB
993 KB 407ms
301ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/homepage/banner-november2.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: aa8626c229428ba73b452477db09c53c7b64231f394abde29b7346e116264d64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 03 Nov 2023 20:37:05 GMT
server: nginx
etag: "654559f1-f7d2a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1015082
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 10.png
media.xanje.com/items/ 12 KB
12 KB 406ms
301ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/items/10.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7e84707e2890f6230f3b06828b56a73f058f90322e0363d17a39a82a43d5c352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Thu, 26 Jan 2017 10:48:41 GMT
server: nginx
etag: "5889d409-30f8"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 12536
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 79.png
media.xanje.com/items/ 14 KB
14 KB 209ms
209ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/items/79.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7a371b88a9f0728c09475916374c232743d93afe14c783ee4f4ea2f3626fe0a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Thu, 26 Jan 2017 10:54:54 GMT
server: nginx
etag: "5889d57e-36c3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 14019
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 84.png
media.xanje.com/items/ 14 KB
14 KB 147ms
144ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/items/84.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: f94a10196d8c14f75358410a6fb0b810c2c7b23ca199b8e940a7942c0f081f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Thu, 26 Jan 2017 10:54:54 GMT
server: nginx
etag: "5889d57e-3649"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13897
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 pet_58944740_shop_1.png
d3v3o5zb6nsk3s.cloudfront.net/ 10 KB
11 KB 345ms
292ms Image
image/png 2600:9000:2250:8600:0:cbc4:f200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v3o5zb6nsk3s.cloudfront.net/pet_58944740_shop_1.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:0:cbc4:f200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 352eae01725fc6f306561c54d5be5177a0e450e8aa61ebba065e2c03776e56c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 04:34:06 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "656d56be-28d7"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
timing-allow-origin: www.xanje.com, backstage.xanje.com
content-length: 10455
x-amz-cf-id: soTHz7pNQmbkQ3JJiV_ZgJQWPNd0CbaKQRknKpxDnc5MdEaZX2W8jA==

GET
H2 200 pet_58944739_shop_1.png
d3v3o5zb6nsk3s.cloudfront.net/ 15 KB
15 KB 437ms
384ms Image
image/png 2600:9000:2250:8600:0:cbc4:f200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v3o5zb6nsk3s.cloudfront.net/pet_58944739_shop_1.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:0:cbc4:f200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f969e481bd43cb1b129b4d7a4d6d404dc66d10ed3f1c9170e26445e7415af3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 04:34:06 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "656d56be-3b18"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
timing-allow-origin: www.xanje.com, backstage.xanje.com
content-length: 15128
x-amz-cf-id: WFyvG5YrTOtDNSsyNzASObrwhCm4k9d3jONa-rko_mD7UO9DhadUkg==

GET
H2 200 pet_58944738_shop_1.png
d3v3o5zb6nsk3s.cloudfront.net/ 11 KB
11 KB 344ms
291ms Image
image/png 2600:9000:2250:8600:0:cbc4:f200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v3o5zb6nsk3s.cloudfront.net/pet_58944738_shop_1.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:0:cbc4:f200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: bfd3e5ca5c204c50b8a1227a5727d1ff0f7c36a1a8760071290cb08510e15721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 04:34:06 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "656d56be-2b17"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
timing-allow-origin: www.xanje.com, backstage.xanje.com
content-length: 11031
x-amz-cf-id: ILpC_ZAmGbQLZR0dhWcAmyatFSleTQ9WVs8x7wF0Xb3J6voEx6HI0A==

GET
H2 200 pet_58944737_shop_1.png
d3v3o5zb6nsk3s.cloudfront.net/ 15 KB
15 KB 447ms
395ms Image
image/png 2600:9000:2250:8600:0:cbc4:f200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v3o5zb6nsk3s.cloudfront.net/pet_58944737_shop_1.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:0:cbc4:f200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 97e118c223f4480ab898a49d7414b600483d62046315c849d382e723e1a88107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 04:34:06 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "656d56be-3af6"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
timing-allow-origin: www.xanje.com, backstage.xanje.com
content-length: 15094
x-amz-cf-id: 2OC6wLusVirhrUAQr-wSjofuP0Pev8SAdsBKv1Hh5UqWZ7rK66u2Hg==

GET
H2 200 pet_58944736_shop_1.png
d3v3o5zb6nsk3s.cloudfront.net/ 15 KB
15 KB 512ms
459ms Image
image/png 2600:9000:2250:8600:0:cbc4:f200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v3o5zb6nsk3s.cloudfront.net/pet_58944736_shop_1.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:0:cbc4:f200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4bccce74dca3debe8cd5e2dd29494d0d2bfa0f53fcfbdf8ce2e651d76f6bac61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 04:34:06 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "656d56be-3a0f"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
timing-allow-origin: www.xanje.com, backstage.xanje.com
content-length: 14863
x-amz-cf-id: QPzlWUlGTr8Pa7MdxNNhu6xj3VY94IndMo9j4zyULJ-Mv1ZCOoNsFw==

GET
H2 200 pet_58944735_shop_1.png
d3v3o5zb6nsk3s.cloudfront.net/ 18 KB
19 KB 430ms
395ms Image
image/png 2600:9000:2250:8600:0:cbc4:f200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v3o5zb6nsk3s.cloudfront.net/pet_58944735_shop_1.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:0:cbc4:f200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 80062eed5815817c8a7facf7bdb4ba10762fbf9394a2b944fd60faa0947f747f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 04:34:06 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "656d56be-48ea"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
timing-allow-origin: www.xanje.com, backstage.xanje.com
content-length: 18666
x-amz-cf-id: VcTpsyIuSbOw1nJAnNO4XxLq7S3Q01TmE2k6GKj_a5GTc0V8rrN7kQ==

GET
H2 200 pet_58944733_shop_1.png
d3v3o5zb6nsk3s.cloudfront.net/ 18 KB
18 KB 409ms
409ms Image
image/png 2600:9000:2250:8600:0:cbc4:f200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v3o5zb6nsk3s.cloudfront.net/pet_58944733_shop_1.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:0:cbc4:f200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8fba1c751399bb36ca85b331cb770b25e3411e1dc7658a23c8d1f2ab51de9432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 04:34:06 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "656d56be-46b8"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
timing-allow-origin: www.xanje.com, backstage.xanje.com
content-length: 18104
x-amz-cf-id: y44EySji368OQBwWGlpz2kHp7Hex8v0qef3eL1bqqovGQzpf5UCwiA==

GET
H2 200 pet_58944732_shop_1.png
d3v3o5zb6nsk3s.cloudfront.net/ 15 KB
15 KB 391ms
391ms Image
image/png 2600:9000:2250:8600:0:cbc4:f200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v3o5zb6nsk3s.cloudfront.net/pet_58944732_shop_1.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:0:cbc4:f200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b99b547a867dab7ba77e6e3bf5a9719683c96dd33e22c2aaaf2f402c9ed81acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 04:34:06 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "656d56be-3a9b"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
timing-allow-origin: www.xanje.com, backstage.xanje.com
content-length: 15003
x-amz-cf-id: zBYn0UJibHWwQPl8vZsFEgA7fEipV9x0lEDH7nsYK7ALP26XKOyX3A==

GET
H2 200 library.png
media.xanje.com/home/activities/ 2 KB
2 KB 316ms
314ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/home/activities/library.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 00c2c022890c5c47c22eb60e80561173d20923c9d6aef7f5df1d72c0cb8e5a9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 29 Sep 2023 16:35:25 GMT
server: nginx
etag: "6516fccd-6dc"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1756
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 guides.png
media.xanje.com/home/activities/ 2 KB
2 KB 316ms
315ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/home/activities/guides.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b84830e778e1508eedc5b84f42fe497dcf5d423771f24e4df6334b1628e5aa6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 29 Sep 2023 16:35:26 GMT
server: nginx
etag: "6516fcce-645"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1605
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 forums.png
media.xanje.com/home/activities/ 2 KB
2 KB 318ms
317ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/home/activities/forums.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4dcdb8146ca0b6d03ee33b2b73224254754788c090e7aa84fdcbf00e36267aca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 29 Sep 2023 16:35:26 GMT
server: nginx
etag: "6516fcce-615"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1557
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 oasis.png
media.xanje.com/home/activities/ 1 KB
2 KB 130ms
128ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/home/activities/oasis.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1640bdabf2a82f3903eb4f341158c7de369c4cb155c2fbd03d2a253b9b6e3aab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 29 Sep 2023 17:08:46 GMT
server: nginx
etag: "6517049e-5ed"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1517
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 meadow.png
media.xanje.com/home/activities/ 1 KB
2 KB 317ms
316ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/home/activities/meadow.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ec2b69e729e36b8c6fae08af4fabc92af9e8efe1ab729d3ea495eeba2f346288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 29 Sep 2023 16:35:24 GMT
server: nginx
etag: "6516fccc-58a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1418
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 garden.png
media.xanje.com/home/activities/ 1 KB
2 KB 316ms
315ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/home/activities/garden.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e17fe05806b65dbdcdc7f5a36033ca95d77825fe8dd31b6ad31ab8dd999337a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 29 Sep 2023 16:35:26 GMT
server: nginx
etag: "6516fcce-547"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1351
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 explore.png
media.xanje.com/home/activities/ 2 KB
2 KB 318ms
317ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/home/activities/explore.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5fceb99a6f31ed7032a62c5192eb728130a026916fa86daaebbdecedb81d60d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 29 Sep 2023 16:35:25 GMT
server: nginx
etag: "6516fccd-664"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1636
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 market.png
media.xanje.com/home/activities/ 1 KB
1 KB 130ms
128ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/home/activities/market.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8721ee8f343b9be27e9e0a5137bc712761bcc661eacf3fd26cb339313c1cc9bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 29 Sep 2023 16:35:25 GMT
server: nginx
etag: "6516fccd-4f5"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1269
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 wheel.png
media.xanje.com/home/activities/ 1 KB
2 KB 317ms
315ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/home/activities/wheel.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4077393a5ee14f5fbb1631d09cf7ff16b244dcfc884b6c3bd8972ee4e1f71873

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 29 Sep 2023 16:35:25 GMT
server: nginx
etag: "6516fccd-53c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1340
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 lotto.png
media.xanje.com/home/activities/ 2 KB
2 KB 318ms
317ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/home/activities/lotto.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 9b95e777c9bd90476b106935aa4f80be8da9d37b6978dd1478def12d843dc72e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 29 Sep 2023 16:35:26 GMT
server: nginx
etag: "6516fcce-71a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1818
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 games.png
media.xanje.com/home/activities/ 2 KB
2 KB 317ms
316ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/home/activities/games.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3716c5fcb84cc471e628d2ab917de579b049ad10f23cb8c49dfcdc1d7c044be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Fri, 29 Sep 2023 17:06:57 GMT
server: nginx
etag: "65170431-618"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1560
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 pet_54217581_medium_3.png
d3v3o5zb6nsk3s.cloudfront.net/ 84 KB
84 KB 422ms
387ms Image
image/png 2600:9000:2250:8600:0:cbc4:f200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v3o5zb6nsk3s.cloudfront.net/pet_54217581_medium_3.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:0:cbc4:f200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0363a7743d2d778ca10c5d9827cb2d02dfcd465c5eb21e4e4383d19d2e7048a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Sun, 03 Dec 2023 03:03:22 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "656beffa-14e89"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
timing-allow-origin: www.xanje.com, backstage.xanje.com
content-length: 85641
x-amz-cf-id: lVmlgIRoNZfglxcbwvGnAKytSO3VikuUzcIBGW_YO0O0dQkWnedWFw==

GET
H2 200 pet_2969217_medium_3.png
d3v3o5zb6nsk3s.cloudfront.net/ 78 KB
78 KB 413ms
379ms Image
image/png 2600:9000:2250:8600:0:cbc4:f200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v3o5zb6nsk3s.cloudfront.net/pet_2969217_medium_3.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8600:0:cbc4:f200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 54ea77ce4e4b83b976f6be8a78cbca3c56eec5dbfaa92862ba7cf7e70243ffa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 04:34:06 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
etag: "656d56be-13644"
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
timing-allow-origin: www.xanje.com, backstage.xanje.com
content-length: 79428
x-amz-cf-id: WFlNQBg7OLLjvlnuSIwlsFJKpnfFIvsYoZRjg-Va11xoLwsdP5ACPA==

GET
H2 200 racing-test.js Show response
www.xanje.com/dist/js/ 0
127 B 146ms
143ms Script
application/javascript 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xanje.com/dist/js/racing-test.js?id=d41d8cd98f00b204e9800998ecf8427e
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Sat, 02 Dec 2023 01:39:28 GMT
server: nginx
accept-ranges: bytes
etag: "656a8ad0-0"
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 70ms
34ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0072996079416371

Requested by

Host: www.xanje.com
URL: https://www.xanje.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdae7351f4415cc23e12754ab8f2d66dc7edf5ec59163a0b7f164778194fd2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52713
x-xss-protection: 0
server: cafe
etag: 8700990663441930036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 04:35:43 GMT

GET
H2 200 livewire.js Show response
www.xanje.com/vendor/livewire/ 156 KB
41 KB 147ms
144ms Script
application/javascript 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xanje.com/vendor/livewire/livewire.js?id=de3fca26689cb5a39af4
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: db7fc4a5fe60fb79b594ddd13b6839a6c688b65fbe73421698194f67841fce2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: gzip
last-modified: Sun, 03 Dec 2023 14:33:35 GMT
server: nginx
etag: W/"656c91bf-2704e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 slurp.mp3 Show response
media.xanje.com/events/mysterious_portal/ 8 KB
8 KB 521ms
311ms XHR
audio/mpeg 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.xanje.com/events/mysterious_portal/slurp.mp3
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/dist/js/global.js?id=98cc588c58ad5860bcce97a6b6d7c276
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4171271ea9151ca85863edb399ea141fd74f7581ce2ad7c081875649b88d4844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Sat, 21 Oct 2023 02:19:40 GMT
server: nginx
etag: "6533353c-1e1a"
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7706
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 slurp.mp3 Show response
media.xanje.com/events/mysterious_portal/ 8 KB
8 KB 520ms
311ms XHR
audio/mpeg 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.xanje.com/events/mysterious_portal/slurp.mp3
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/dist/js/global.js?id=98cc588c58ad5860bcce97a6b6d7c276
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4171271ea9151ca85863edb399ea141fd74f7581ce2ad7c081875649b88d4844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Sat, 21 Oct 2023 02:19:40 GMT
server: nginx
etag: "6533353c-1e1a"
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 7706
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 28ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.xanje.com
URL: https://www.xanje.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Dec 2023 04:35:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: XeKpMcSPSKOV9n8TYLpwdoNiWlEdF2zpD6YyK0tLL2L6iIgKXWH5RmbwNlC48vGGzOPY0zDfGZ3iQpvZux6+fQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bg-1.png
media.xanje.com/themes/autumn/ 101 KB
101 KB 130ms
128ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/themes/autumn/bg-1.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/dist/css/themes/theme-autumn.css?id=08fe329d9612936eceb07a9ecfc40d4a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 42e8d15ace08877564983aebfd6d07cd99bf2d473fa9d1d958343b85bbe721db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Wed, 20 Sep 2023 17:51:33 GMT
server: nginx
etag: "650b3125-192a4"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 103076
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 logo-full.png
media.xanje.com/themes/autumn/ 135 KB
136 KB 229ms
227ms Image
image/png 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.xanje.com/themes/autumn/logo-full.png
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/dist/css/themes/theme-autumn.css?id=08fe329d9612936eceb07a9ecfc40d4a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8f6cec9d8eae43fd9f7b8c6965104bec6a54962837f26ded39541e274c9e4cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Wed, 20 Sep 2023 18:08:09 GMT
server: nginx
etag: "650b3509-21cc2"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 138434
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 viga-v7-latin-regular.woff2
media.xanje.com/fonts/ 8 KB
8 KB 301ms
103ms Font
application/font-woff2 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.xanje.com/fonts/viga-v7-latin-regular.woff2
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/dist/css/main.css?id=3c607176fe8098a91644be27066dd8c8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: fe26e5f82ec7257e558028e5ab1d3560b48b8fe4f9a3bc0897b8069db53046d3

Request headers

Referer: https://www.xanje.com/
Origin: https://www.xanje.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Tue, 16 Apr 2019 08:59:50 GMT
server: nginx
etag: "5cb59986-2044"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 8260
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 fontawesome-webfont.woff2
media.xanje.com/fonts/ 75 KB
76 KB 404ms
206ms Font
application/font-woff2 54.164.219.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://media.xanje.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.xanje.com
URL: https://www.xanje.com/dist/css/main.css?id=3c607176fe8098a91644be27066dd8c8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.164.219.188 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-219-188.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.xanje.com/
Origin: https://www.xanje.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Dec 2023 04:35:43 GMT
last-modified: Mon, 21 Nov 2016 18:45:14 GMT
server: nginx
etag: "583340ba-12d68"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 77160
expires: Wed, 03 Jan 2024 04:35:43 GMT

GET
H2 200 1468726683254073 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 64ms
64ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1468726683254073?v=2.9.138&r=stable&domain=www.xanje.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f7d09f253b4660f2903c6a8008106fce607cfcb953cb73fffec2de4e21884a7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 04 Dec 2023 04:35:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ca0Y5i5ggMS+KdJdTd/rECo2X8subfgy/HsYF+H9bHrEJFFVjFdgusr0NBysKIrypnuLwuldxEbIgkO0YZRx4g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1058054429/ 3 KB
1 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1058054429/?random=1701664543581&cv=11&fst=1701664543581&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9166103437&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.xanje.com%2F&hn=www.googleadservices.com&frm=0&tiba=Home%20%7C%20Xanje&auid=1892288915.1701664544&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1058054429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69140d55e600742a91578d700440baf58b4482c4971896e89526f65d9e1a7933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/ 398 KB
135 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0072996079416371&plah=www.xanje.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0072996079416371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78779d2a28f0746e8901d627a1c6ae406f643d7ea17a2b402ef411ebe35803a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137677
x-xss-protection: 0
server: cafe
etag: 17422032238605774060
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 04:35:43 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 748C 9 KB
4 KB 32ms
23ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0072996079416371

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xanje.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 21:10:45 GMT
etag: 12051592065903069241
expires: Sun, 17 Dec 2023 21:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1468726683254073&ev=PageView&dl=https%3A%2F%2Fwww.xanje.com%2F&rl=&if=false&ts=1701664543668&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701664543666.1527837828&cs_est=true&ler=empty&it=1701664543539&coo=false&rqm=GET

Requested by

Host: www.xanje.com
URL: https://www.xanje.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 04 Dec 2023 04:35:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/1058054429/ 42 B
455 B 103ms
24ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1058054429/?random=1701664543581&cv=11&fst=1701662400000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9166103437&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.xanje.com%2F&frm=0&tiba=Home%20%7C%20Xanje&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNKRVeZJIdDkgsIi6oChYWvTBcZhLjww&random=597546037&rmt_tld=0&ipr=y

Requested by

Host: www.xanje.com
URL: https://www.xanje.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1058054429/ 42 B
455 B 77ms
39ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1058054429/?random=1701664543581&cv=11&fst=1701662400000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v9166103437&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.xanje.com%2F&frm=0&tiba=Home%20%7C%20Xanje&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNKRVeZJIdDkgsIi6oChYWvTBcZhLjww&random=597546037&rmt_tld=1&ipr=y

Requested by

Host: www.xanje.com
URL: https://www.xanje.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F27C 0
315 B 198ms
197ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0072996079416371&output=html&adk=1812271804&adf=3025194257&lmt=1701664543&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fwww.xanje.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701664543626&bpp=4&bdt=636&idt=91&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3400382713895&frm=20&pv=2&ga_vid=1194342982.1701664544&ga_sid=1701664544&ga_hid=44668136&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31078297%2C44807406%2C44807763%2C44808148%2C44808284%2C44809071%2C21065725&oid=2&pvsid=645690844379622&tmod=653871787&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=106

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0072996079416371&plah=www.xanje.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xanje.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 04:35:43 GMT
expires: Mon, 04 Dec 2023 04:35:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0CA3 104 KB
40 KB 410ms
409ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0072996079416371&output=html&h=280&slotname=1749340919&adk=1534352776&adf=2804077573&pi=t.ma~as.1749340919&w=728&fwrn=4&fwrnh=100&lmt=1701664543&rafmt=3&format=728x280&url=https%3A%2F%2Fwww.xanje.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701664543630&bpp=3&bdt=640&idt=105&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3400382713895&frm=20&pv=1&ga_vid=1194342982.1701664544&ga_sid=1701664544&ga_hid=44668136&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31078297%2C44807406%2C44807763%2C44808148%2C44808284%2C44809071%2C21065725&oid=2&pvsid=645690844379622&tmod=653871787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=109

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a23b28decf8baaf24216aaa60998ab6f3268ca59599ae68844dbe5c82794e145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xanje.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40157
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 04:35:44 GMT
expires: Mon, 04 Dec 2023 04:35:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4476079671955314268
tpc.googlesyndication.com/daca_images/simgad/ Frame 0CA3 55 KB
56 KB 68ms
31ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4476079671955314268

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0072996079416371&output=html&h=280&slotname=1749340919&adk=1534352776&adf=2804077573&pi=t.ma~as.1749340919&w=728&fwrn=4&fwrnh=100&lmt=1701664543&rafmt=3&format=728x280&url=https%3A%2F%2Fwww.xanje.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701664543630&bpp=3&bdt=640&idt=105&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3400382713895&frm=20&pv=1&ga_vid=1194342982.1701664544&ga_sid=1701664544&ga_hid=44668136&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31078297%2C44807406%2C44807763%2C44808148%2C44808284%2C44809071%2C21065725&oid=2&pvsid=645690844379622&tmod=653871787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a017095b6603c202cb6b3ea609007e0f6513eeb446bd22fd907fa05cce9724a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 22:43:23 GMT
x-content-type-options: nosniff
age: 366741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56822
x-xss-protection: 0
last-modified: Tue, 26 Sep 2023 21:43:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Nov 2024 22:43:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 0CA3 24 KB
9 KB 52ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:23:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E7C1 143 B
166 B 15ms
13ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0072996079416371&output=html&h=280&slotname=1749340919&adk=1534352776&adf=2804077573&pi=t.ma~as.1749340919&w=728&fwrn=4&fwrnh=100&lmt=1701664543&rafmt=3&format=728x280&url=https%3A%2F%2Fwww.xanje.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701664543630&bpp=3&bdt=640&idt=105&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3400382713895&frm=20&pv=1&ga_vid=1194342982.1701664544&ga_sid=1701664544&ga_hid=44668136&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31078297%2C44807406%2C44807763%2C44808148%2C44808284%2C44809071%2C21065725&oid=2&pvsid=645690844379622&tmod=653871787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=109
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 04:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0CA3 3 KB
1 KB 66ms
30ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 19:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33006
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 19:25:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 625B 1 KB
643 B 14ms
14ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Mon, 04 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0CA3 20 KB
9 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:31:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 22:31:35 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0CA3 0
0 22ms
20ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRS5_foqFClx2pQSZjcTRKGPjgHufAe-5tbWOG_ggQn-BnsrKdiTK0F-kSdCEFyAs5weNdRbqlxQkDEHJQC5uVuyepQtA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0072996079416371&output=html&h=280&slotname=1749340919&adk=1534352776&adf=2804077573&pi=t.ma~as.1749340919&w=728&fwrn=4&fwrnh=100&lmt=1701664543&rafmt=3&format=728x280&url=https%3A%2F%2Fwww.xanje.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701664543630&bpp=3&bdt=640&idt=105&shv=r20231129&mjsv=m202311280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3400382713895&frm=20&pv=1&ga_vid=1194342982.1701664544&ga_sid=1701664544&ga_hid=44668136&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31078297%2C44807406%2C44807763%2C44808148%2C44808284%2C44809071%2C21065725&oid=2&pvsid=645690844379622&tmod=653871787&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CpeoEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0CA3 202 KB
64 KB 64ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 04:35:44 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0CA3 36 KB
15 KB 51ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 20:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 20:00:45 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E7C1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
26ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 04:35:44 GMT
expires: Mon, 04 Dec 2023 04:35:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 04:35:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 625B
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEN_w-BJ6qUlkCbRXLrXCru0&google_cver=1&google_push=AXcoOmQoABQcwWcbBMzUzKkui1fAO8W6GAtFEF0q8H6IjOJ-fps0OWBM1RByx3jCZH4jmFKsFceZjd1hovxKfHfsLdDLiMk23eu9O...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN_w-BJ6qUlkCbRXLrXCru0&google_cver=1&google_push=AXcoOmQoABQcwWcbBMzUzKkui1fAO8W6GAtFEF0q8H6IjOJ-fps0OWBM1RByx3jCZH4jmFKsFceZjd1hovxKfHfsLdDLiMk23eu...

43 B
455 B

1104ms
1085ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN_w-BJ6qUlkCbRXLrXCru0&google_cver=1&google_push=AXcoOmQoABQcwWcbBMzUzKkui1fAO8W6GAtFEF0q8H6IjOJ-fps0OWBM1RByx3jCZH4jmFKsFceZjd1hovxKfHfsLdDLiMk23eu9OKU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQoABQcwWcbBMzUzKkui1fAO8W6GAtFEF0q8H6IjOJ-fps0OWBM1RByx3jCZH4jmFKsFceZjd1hovxKfHfsLdDLiMk23eu9OKU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:45 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8301582b98ce190f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:44 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 58
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN_w-BJ6qUlkCbRXLrXCru0&google_cver=1&google_push=AXcoOmQoABQcwWcbBMzUzKkui1fAO8W6GAtFEF0q8H6IjOJ-fps0OWBM1RByx3jCZH4jmFKsFceZjd1hovxKfHfsLdDLiMk23eu9OKU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQoABQcwWcbBMzUzKkui1fAO8W6GAtFEF0q8H6IjOJ-fps0OWBM1RByx3jCZH4jmFKsFceZjd1hovxKfHfsLdDLiMk23eu9OKU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 830158297f9f190f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 625B
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEA1S6wv3dPFgMt0oDYWYL7U&google_cver=1&google_push=AXcoOmRiIlo4hNCPffkgUHA1hRzpnIJsfCxNr9yQX7Nz-0UJyRo7q37HiujkSzzRrf4DbP1Ut1PHCvsx5sq...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRiIlo4hNCPffkgUHA1hRzpnIJsfCxNr9yQX7Nz-0UJyRo7q37HiujkSzzRrf4DbP1Ut1PHCvsx5sqL79qdTA5PMJaLsbd7J00&google_hm=8bzuOZx1QuCbMzjET...

170 B
232 B

33ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRiIlo4hNCPffkgUHA1hRzpnIJsfCxNr9yQX7Nz-0UJyRo7q37HiujkSzzRrf4DbP1Ut1PHCvsx5sqL79qdTA5PMJaLsbd7J00&google_hm=8bzuOZx1QuCbMzjETOrmM4k

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:43 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRiIlo4hNCPffkgUHA1hRzpnIJsfCxNr9yQX7Nz-0UJyRo7q37HiujkSzzRrf4DbP1Ut1PHCvsx5sqL79qdTA5PMJaLsbd7J00&google_hm=8bzuOZx1QuCbMzjETOrmM4k
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 625B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGUPWXypyBOUDeKL3yymjBc&google_cver=1&google_push=AXcoOmQPuyWXduvTXG5MmaPikba93FEgVGNwgbt7zX0R0E_3xQQmWoaHzo-ugD_-86cU4yArSueGNFTn22BVk2...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODU5MzU2NTI0NzUzNTI2Mw%3D%3D&google_push=AXcoOmQPuyWXduvTXG5MmaPikba93FEgVGNwgbt7zX0R0E_3xQQmWoaHzo-ugD_-86cU4yArSueGNFTn22BVk2kuSk...

170 B
329 B

34ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODU5MzU2NTI0NzUzNTI2Mw%3D%3D&google_push=AXcoOmQPuyWXduvTXG5MmaPikba93FEgVGNwgbt7zX0R0E_3xQQmWoaHzo-ugD_-86cU4yArSueGNFTn22BVk2kuSkMiDLLa9cZIoGk

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODU5MzU2NTI0NzUzNTI2Mw%3D%3D&google_push=AXcoOmQPuyWXduvTXG5MmaPikba93FEgVGNwgbt7zX0R0E_3xQQmWoaHzo-ugD_-86cU4yArSueGNFTn22BVk2kuSkMiDLLa9cZIoGk
Date: Mon, 04 Dec 2023 04:35:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 625B
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKMRNSDP3c9Q2zUaGpraofA&google_cver=1&google_push=AXcoOmRFLZ79iTbGrVPgLBjc7VX8b4p1SbXEjrApDoHh9g1UcSFnhE6rr-KSukOYK9B24EbJH7_FJLtT...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKMRNSDP3c9Q2zUaGpraofA&google_cver=1&google_push=AXcoOmRFLZ79iTbGrVPgLBjc7VX8b4p1SbXEjrApDoHh9g1UcSFnhE6rr-KSukOYK9B24EbJH7_...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg5NjQyODUxMzAzMjI2NTMwNw&google_push=AXcoOmRFLZ79iTbGrVPgLBjc7VX8b4p1SbXEjrApDoHh9g1UcSFnhE6rr-KSukOYK9B24EbJH7_FJL...

170 B
232 B

34ms
33ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg5NjQyODUxMzAzMjI2NTMwNw&google_push=AXcoOmRFLZ79iTbGrVPgLBjc7VX8b4p1SbXEjrApDoHh9g1UcSFnhE6rr-KSukOYK9B24EbJH7_FJLtT7CaSKogcykxTVjPZVbEZh-Q

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njg5NjQyODUxMzAzMjI2NTMwNw&google_push=AXcoOmRFLZ79iTbGrVPgLBjc7VX8b4p1SbXEjrApDoHh9g1UcSFnhE6rr-KSukOYK9B24EbJH7_FJLtT7CaSKogcykxTVjPZVbEZh-Q
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 625B
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJwU197qmCVDhrBqTX3n_Sk&google_cver=1&google_push=AXcoOmT4hPpzsO-wByFo-qlQwBSVVNfrwyy4b7n2AVyapLQhwJ8NtiKwMko_YAXCC9XhLc_ooNWfdcvHcvN76DEsurT99B6...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJwU197qmCVDhrBqTX3n_Sk&google_cver=1&google_push=AXcoOmT4hPpzsO-wByFo-qlQwBSVVNfrwyy4b7n2AVyapLQhwJ8NtiKwMko_YAXCC9XhLc_ooNWfdcvHcvN76DEsurT99...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT4hPpzsO-wByFo-qlQwBSVVNfrwyy4b7n2AVyapLQhwJ8NtiKwMko_YAXCC9XhLc_ooNWfdcvHcvN76DEsurT99B6lL7asXyA

170 B
232 B

35ms
35ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT4hPpzsO-wByFo-qlQwBSVVNfrwyy4b7n2AVyapLQhwJ8NtiKwMko_YAXCC9XhLc_ooNWfdcvHcvN76DEsurT99B6lL7asXyA

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmT4hPpzsO-wByFo-qlQwBSVVNfrwyy4b7n2AVyapLQhwJ8NtiKwMko_YAXCC9XhLc_ooNWfdcvHcvN76DEsurT99B6lL7asXyA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 625B 43 B
363 B 49ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQHN6PmmkQInOfG0ewo_kgvsXdIWSCtbLw9iZbuF4vxNYa-4AqB-AO82cO6ahRcAc1NIiKbrYpfdbUG_GsTq4i_I3FjKAq_KTg&google_gid=CAESEH9fJ_7FyK5x4_lUeOKihRg&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:43 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 231633
expires: Mon, 04 Dec 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 625B
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEU0fYPVoMvApzdBlkPk_JI&google_cver=1&google_push=AXcoOmTViwqNnolXET5qqVQXn0MedvKP2FWWUOQodv0sky24EjhR_ZWyznQRoTBMaqcOzcGMcQdyIaAu9shy...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTViwqNnolXET5qqVQXn0MedvKP2FWWUOQodv0sky24EjhR_ZWyznQRoTBMaqcOzcGMcQdyIaAu9shyrT4OtQFgMsZUSmReHJo

170 B
232 B

34ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTViwqNnolXET5qqVQXn0MedvKP2FWWUOQodv0sky24EjhR_ZWyznQRoTBMaqcOzcGMcQdyIaAu9shyrT4OtQFgMsZUSmReHJo

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 04:35:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTViwqNnolXET5qqVQXn0MedvKP2FWWUOQodv0sky24EjhR_ZWyznQRoTBMaqcOzcGMcQdyIaAu9shyrT4OtQFgMsZUSmReHJo
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 625B 0
139 B 72ms
31ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYrE133RB1OQpvDOIcgFt3PCWnbW3cY8JFbrb3MUEgEzt_7u6ORfE0xbA_kQX3hGKv40ip

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 0CA3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f90e73a7c02d60d49a1edb35ac98011d21ff8ff8d1efc8c4d2cc7dc8b1de24df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0CA3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFgcNH1dtZcG7LuOpx_APo-G08ALe-4K_dLXZr6H8Ed7nkKORQBABIL70ug5glfKLgpgHoAHHhYm1AcgBAqkChxZyOYpCsj6oAwHIA8kEqgTIAU_Q5n3kqlEtFsGkkvYnj9yhXk1CuE7rw4G...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22612413325719949490%22,%22debug_reporting%22:true,%22destination%22:%22https://themekkits.com%22,%22event_report_window%22:...

0
0

112ms
49ms

Fetch
text/css

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22612413325719949490%22,%22debug_reporting%22:true,%22destination%22:%22https://themekkits.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22379732679%22],%224%22:[%2212-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212293726376989251873%22}&andc=true

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"612413325719949490","debug_reporting":true,"destination":"https://themekkits.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["379732679"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"12293726376989251873"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 04:35:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 04:35:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"612413325719949490","debug_reporting":true,"destination":"https://themekkits.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["379732679"],"4":["12-04"],"6":["true"]},"priority":"500","source_event_id":"12293726376989251873"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 102ms
50ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7de7792ded4290c47ad3fd867a9bd8d2d69056974777ffdb98b1a86941a6b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12367
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame C986 51 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:47:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 373680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:47:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 104ms
48ms Preflight
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 04:35:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 04:35:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 714E 13 KB
5 KB 18ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xanje.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 19:30:15 GMT
expires: Mon, 02 Dec 2024 19:30:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5977 829 B
560 B 62ms
61ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c56d7307529445f798561f77e2658862615d8fc861487576528c93f7700efc0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8g9w6GKjq6bdqhjyKo5Rrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xanje.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8g9w6GKjq6bdqhjyKo5Rrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 04:35:44 GMT
expires: Mon, 04 Dec 2023 04:35:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 714E 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Dec 2024 12:58:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5977 0
0 48ms
48ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=645690844379622&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 714E 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8AWftw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 04:35:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=645690844379622&bg=!JySlJGvNAAY3kmNgF5I7ADQBe5WfOK1CL1DPo-Cce8Wta8W8C1lh1__j9DD-asnsmH7dd9b67dhWqNgq_hZVqi1QvktJAgAAAEtSAAAAA2gBBwoAofAf963wKT8327QM-3S0Nr5FAawk31gcUEU2qC4HaD10T-Zk6fpL1atnDzaTH56ar8KLpbTKQrXnjrp_bQYbWkqXVTBek_KH6FoSgAZ03U5FD2AQlx7tWyiSeqB9D9m6AssVmpHiTmQAuQXmAv3eM_BQSSUD4ZXO_akt2zPvskUKUQUWX736-AL5N0MtWApdex2Udn-bcNsc7BehgbCXpp5pmQKwfpzVE5HbEhNg6GcDTv9G79L1l4Ef7oq8gIs9536ry8Bcrc_ALY7N2maV2ZS35XzrM-1C-btLFn1wjndedWCAhLauCeJbAg8KAAyC2b7xs4BSSX4IgDyFthM0oAgESADCS1-lcAvlGWQUf6-taXtQrPZCK8KZNrbnmDjqQ-LivoZdjk0jCVbUFn-TISAH3YiCJfbdrvSHa6q_mUlphX8r4v0NvrgrAB4NMlABOZCL6ETZ2vy8mDsx9Cn8M5ghlDkLabmiK_2fDDFHw5wSXPkQG6Jl3d-adchYVBFR_yQ7y5MFAM0UlQG99Fn49YUQVhuans3uL7uWw-z5nuOEzXrrXTd6n1huc7wQxQk8liYqYlfn_sgdB6fzjvEZ-nEwP39ajtnmV8TcnCL2XJMIP2T5I3blZwPX4JZycild3KHASwg1spLnO6JUbBmGcJUBuNf4DAZrDNm_Idv0W0ZQF7Znx790iB4rMSzglTE3jw9NciY0vc0O0b2z5ISzuN1n4YQMWBqPxrFkTDQ4VCAqpyGWw5HiK2_s13o9IcFzybJ0SICagcH_c3GMRI0o8HZww3MtCvSZSYSkRbbauC0dyMj-UnhhkEgiXo_HKyJ2ugm2TXDS5RW9YtiaO4UYVxEZYITErT3ayk_sNUZSwmpIeA7aQJ3dJs_cGVZ9ngMLHRP-jfb4u4RJHERBV7o9tdrDmSPfFFGhaEL3cIAm9JFwEMAN3yPNpqHzWPb0bvJy4q3Y09McXqCeunKxx9QKBCdefD5jLL2_FveWl_0COmkGy4Fg8ZYr4FStaSLe9bENUmnmGtnP2LlrAGBL7pSsE79fDGnwcSaz9FbGU4q31yRBt_4FGtsnnLhalNUBM_CiZOqB6HQ9ZhEU-lq9m7zU-bXhYSsgmOHRo62uN52NOPQ2mb3UwA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xanje.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xanje.com/	1970-01-20 17:24:16	Name: XSRF-TOKEN Value: eyJpdiI6IllvNmNFZ2diK3F5aWhoWXFHSHl5MHc9PSIsInZhbHVlIjoidDYwdzJMNWhsNy9hbmhhQnZhQ2t2bkhRR0RKTldqRm9hcUpiVmxFbFBmS1lKd0h1THdpUW14N3FJUkxiSXBYODU0eVA2dVZ1QmZKTDFmOFE1bHBtRzNaT3RkbHBORERvc3dtZ09LU1ZXMGFUdGJFU3puNDR2T3ZlTlUvMkNGZFUiLCJtYWMiOiJjOWYwZmEyMzE5ZmUwOTViN2U1YjQ1YjIwZWMzNTU3NDhhNzg0ZDJjNDFiYmIxYzJjMjFhOTQ2NTRiNDRkZGMzIiwidGFnIjoiIn0%3D
.xanje.com/	1970-01-20 17:24:16	Name: xanje_session Value: eyJpdiI6InVaYlNJRjhWUjF3WGRWUlZhQUhXenc9PSIsInZhbHVlIjoiVGZ1aWlkQ1dFZERad3NvUkNmeUE3TFRncURwRTlFcm5RbXRGZ1VUWk1xMi9aR1gxRmo3NWlvVCt4RUgydGpJT0tPcWdFR1QwcTZMMys3WWVDUmZMcUZ6YlEvU0xIbUs4aWhubkF3OVdrdnM4amE5a1dQTlZhZnpHOUZjV0c3dSsiLCJtYWMiOiI1MjVjYjE2OThlZTcxZTM0ZGNhMzc2ZGVlNThhMTZmYjU5Mzg4MjA2M2VjZjY0YzgyMmNiOWI0Mzk5OWZiMWQ5IiwidGFnIjoiIn0%3D
.xanje.com/	1970-01-20 18:50:40	Name: _gcl_au Value: 1.1.1892288915.1701664544
.xanje.com/	1970-01-20 18:50:40	Name: _fbp Value: fb.1.1701664543666.1527837828
.doubleclick.net/	1970-01-21 02:02:40	Name: IDE Value: AHWqTUkBCrfXJWthVVDzDAllw10G9xkzoecAaOCk1571H7QXRe7bEyf8M11MOWP8qmA
.xanje.com/	1970-01-21 02:02:40	Name: __gads Value: ID=d0134a280274193e:T=1701664543:RT=1701664543:S=ALNI_Mbk9BO_Op2dRi9j5TzKIo41QnNAFA
.xanje.com/	1970-01-21 02:02:40	Name: __gpi Value: UID=00000d0318a55aec:T=1701664543:RT=1701664543:S=ALNI_Mbz8Tcyc-0JtBDpAKZBMRigj5MGbg
.doubleclick.net/	1970-01-20 16:41:08	Name: DSID Value: NO_DATA
.adfarm1.adition.com/	1970-01-20 18:50:40	Name: UserID1 Value: 7308593565247535263
.ctnsnet.com/	1970-01-21 01:26:40	Name: cid_f1bcee399c7542e09b3338c44ceae633 Value: 1
.ctnsnet.com/	1970-01-21 01:26:40	Name: gid_CAESEA1S6wv3dPFgMt0oDYWYL7U Value: 1
.adform.net/	1970-01-20 17:25:42	Name: C Value: 1
.de17a.com/	1970-01-21 01:19:28	Name: guid Value: 1.4429146979490463043
.adform.net/	1970-01-20 18:07:28	Name: uid Value: 6896428513032265307
.googleadservices.com/	1970-01-20 18:50:40	Name: ar_debug Value: 1
.tribalfusion.com/	1970-01-20 18:50:40	Name: ANON_ID Value: avntAZctMPmFUTgUpySVotCOkhv92iBkr4E4meyQjr9qFnhHc0mNdNgjT2x4sxdyF8VOdhKRWWg27jJDTJC0R9jSFBkcaxrZdr

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.xanje.com/dist/js/global.js?id=98cc588c58ad5860bcce97a6b6d7c276(Line 1) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
c1.adform.net
cm.g.doubleclick.net
connect.facebook.net
d3v3o5zb6nsk3s.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
media.xanje.com
onetag-sys.com
pagead2.googlesyndication.com
s.tribalfusion.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.xanje.com
142.250.185.66
142.250.186.162
178.250.1.9
213.155.156.182
2600:9000:2250:8600:0:cbc4:f200:21
2606:4700::6812:18ad
2a00:1450:4001:809::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
35.186.193.173
37.157.6.243
51.75.86.98
54.164.219.188
85.114.159.118
00c2c022890c5c47c22eb60e80561173d20923c9d6aef7f5df1d72c0cb8e5a9f
0363a7743d2d778ca10c5d9827cb2d02dfcd465c5eb21e4e4383d19d2e7048a8
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f969e481bd43cb1b129b4d7a4d6d404dc66d10ed3f1c9170e26445e7415af3d
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
1640bdabf2a82f3903eb4f341158c7de369c4cb155c2fbd03d2a253b9b6e3aab
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1c56d7307529445f798561f77e2658862615d8fc861487576528c93f7700efc0
2aac422bb90d27a8d93e2905267ba7372d4959e438f7501ea62176aceb9277fd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
352eae01725fc6f306561c54d5be5177a0e450e8aa61ebba065e2c03776e56c0
3a017095b6603c202cb6b3ea609007e0f6513eeb446bd22fd907fa05cce9724a
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4077393a5ee14f5fbb1631d09cf7ff16b244dcfc884b6c3bd8972ee4e1f71873
4171271ea9151ca85863edb399ea141fd74f7581ce2ad7c081875649b88d4844
42e8d15ace08877564983aebfd6d07cd99bf2d473fa9d1d958343b85bbe721db
4bccce74dca3debe8cd5e2dd29494d0d2bfa0f53fcfbdf8ce2e651d76f6bac61
4dcdb8146ca0b6d03ee33b2b73224254754788c090e7aa84fdcbf00e36267aca
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5429d5e1999d8beb1ef40d8010d4314004f960b053c1499a3b11e09a2afd3cca
54ea77ce4e4b83b976f6be8a78cbca3c56eec5dbfaa92862ba7cf7e70243ffa5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5fceb99a6f31ed7032a62c5192eb728130a026916fa86daaebbdecedb81d60d9
60821ef3b270a92c0403e02600b3b4c64d18ce15aa71672d6559705076bf0117
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c524d7ba6087fbc33c00ef4ba532d4e2f7f3c716a469f7cfb367be28d20895
69140d55e600742a91578d700440baf58b4482c4971896e89526f65d9e1a7933
78779d2a28f0746e8901d627a1c6ae406f643d7ea17a2b402ef411ebe35803a0
7a371b88a9f0728c09475916374c232743d93afe14c783ee4f4ea2f3626fe0a3
7b89475ef5f86f77fe0f58d8c51d30385811d0a57923df0c23a99a36bc1631ab
7d234ba8b353cfb341e2a74b060df22e1621b735b28763db9e0289a4bc130139
7e84707e2890f6230f3b06828b56a73f058f90322e0363d17a39a82a43d5c352
80062eed5815817c8a7facf7bdb4ba10762fbf9394a2b944fd60faa0947f747f
8721ee8f343b9be27e9e0a5137bc712761bcc661eacf3fd26cb339313c1cc9bd
8f6cec9d8eae43fd9f7b8c6965104bec6a54962837f26ded39541e274c9e4cd5
8f7d09f253b4660f2903c6a8008106fce607cfcb953cb73fffec2de4e21884a7
8fba1c751399bb36ca85b331cb770b25e3411e1dc7658a23c8d1f2ab51de9432
97e118c223f4480ab898a49d7414b600483d62046315c849d382e723e1a88107
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b95e777c9bd90476b106935aa4f80be8da9d37b6978dd1478def12d843dc72e
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a23b28decf8baaf24216aaa60998ab6f3268ca59599ae68844dbe5c82794e145
a7de7792ded4290c47ad3fd867a9bd8d2d69056974777ffdb98b1a86941a6b6c
aa8626c229428ba73b452477db09c53c7b64231f394abde29b7346e116264d64
b13bab0e2d9eb4b37d0a99d4228082f72e62ca76f6aabfeea3a409ab3a0eee60
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b84830e778e1508eedc5b84f42fe497dcf5d423771f24e4df6334b1628e5aa6f
b99b547a867dab7ba77e6e3bf5a9719683c96dd33e22c2aaaf2f402c9ed81acf
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
bfd3e5ca5c204c50b8a1227a5727d1ff0f7c36a1a8760071290cb08510e15721
d9bc7cf8567414b465464735a712195e7f2a02d20b106a405fbecbebc5be947b
db7fc4a5fe60fb79b594ddd13b6839a6c688b65fbe73421698194f67841fce2b
e17fe05806b65dbdcdc7f5a36033ca95d77825fe8dd31b6ad31ab8dd999337a8
e3716c5fcb84cc471e628d2ab917de579b049ad10f23cb8c49dfcdc1d7c044be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec2b69e729e36b8c6fae08af4fabc92af9e8efe1ab729d3ea495eeba2f346288
ed97fe2f319b6fe8d85cb73c87350fd20d25c3c971ce8270e113a0b43660ebc4
edbdc5071d020a1dbe00ec621e71abd01ef285ba88c64ea32c7d8ccedccd5d32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f90e73a7c02d60d49a1edb35ac98011d21ff8ff8d1efc8c4d2cc7dc8b1de24df
f94a10196d8c14f75358410a6fb0b810c2c7b23ca199b8e940a7942c0f081f1c
fdae7351f4415cc23e12754ab8f2d66dc7edf5ec59163a0b7f164778194fd2d7
fe26e5f82ec7257e558028e5ab1d3560b48b8fe4f9a3bc0897b8069db53046d3

www.xanje.com Open in urlscan Pro 54.164.219.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

92 %HTTPS

55 %IPv6

18 Domains

22 Subdomains

16 IPs

5 Countries

2575 kBTransfer

4363 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.xanje.com Open in urlscan Pro
54.164.219.188 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

92 %
HTTPS

55 %
IPv6

18
Domains

22
Subdomains

16
IPs

5
Countries

2575 kB
Transfer

4363 kB
Size

16
Cookies

83 HTTP transactions
1 data transactions